Lucene search
K
PtsecurityRecent

184424 matches found

Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•12 views

PT-2026-53284

Name of the Vulnerable Software and Affected Versions phpUploader versions prior to 2.0.2 Description An unauthenticated information disclosure exists where remote attackers can access the full contents of the uploaded-files database table by visiting any page of the application. The index model...

8.7CVSS5.8AI score0.00365EPSS
Exploits0References6
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•10 views

PT-2026-53492

Resolution Fixed in v3.1.0, released 2026-05-25. The fix was merged in PR 95 at commit 1c7d3f9. The fix changes the default HTTP bind host to 127.0.0.1, refuses non-loopback HTTP/HTTPS exposure unless OAuth is enabled, makes Helm exposure opt-in and OAuth-gated, and adds parser-backed...

10CVSS6.1AI score0.00498EPSS
Exploits0References9
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•7 views

PT-2026-53293

Name of the Vulnerable Software and Affected Versions Wallet System for WooCommerce versions prior to 2.7.7 Description Broken access control allows users with the Subscriber role to perform unauthorized actions within the system. Recommendations Update Wallet System for WooCommerce to version...

7.1CVSS5.8AI score0.00256EPSS
Exploits0References4
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•9 views

PT-2026-53315

Name of the Vulnerable Software and Affected Versions TP-Link TL-WR841N version v14 Description An authenticated stack-based buffer overflow occurs in the web management interface. A remote authenticated attacker can send crafted HTTP requests to the embedded web server, causing a stack buffer to...

6.8CVSS6.3AI score0.00554EPSS
Exploits0References7
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•11 views

PT-2026-53451

Summary Jupyter Enterprise Gateway has a prohibited UID and GID feature that by default prevents launching kernels with UID or GID 0 root. This can be bypassed. It is possible to launch kernels with a prohibited UID and/or GID by using a specially crafted KERNEL UID or KERNEL GID value. The featu...

9.8CVSS6.2AI score0.00106EPSS
Exploits0References7
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•10 views

PT-2026-53523

Out-of-bounds read in gather tree in PaddlePaddle before 2.4. A patch is available in the release/2.4 branch...

9.1CVSS5.8AI score0.00667EPSS
Exploits1References9
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•8 views

PT-2026-53556

Summary Type: Privilege escalation / cross-tenant member injection. The POST /workspaces/workspace id/members endpoint is gated only by require workspace memberworkspace id default min role="member" and forwards the request body's user id and role straight into MemberService.addworkspace id, user...

9.6CVSS5.8AI score0.00031EPSS
Exploits0References6
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•12 views

PT-2026-53199

A vulnerability was determined in YzmCMS up to 7.5. This affects an unknown function of the file /application/install/index.php. Executing a manipulation of the argument siteurl can lead to sql injection. The attack can be executed remotely. A high complexity level is associated with this attack...

6.3CVSS5.8AI score0.00239EPSS
Exploits0References6
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•9 views

PT-2026-53371

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider before 5.0.0...

9.8CVSS5.8AI score0.0322EPSS
Exploits0References7
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•14 views

PT-2026-53189

A vulnerability was found in Tenda JD12L 16.03.53.23. This impacts the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could ...

9CVSS8AI score0.00466EPSS
Exploits0References7
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•18 views

PT-2026-53349

Missing JWT signature check GHSL-2022-078 The StatelessTokenService of the DataHub metadata service GMS does not verify the signature of JWT tokens. This allows an attacker to connect to DataHub instances as any user if Metadata Service authentication is enabled. This vulnerability occurs because...

9.9CVSS5.8AI score0.00851EPSS
Exploits1References10
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•10 views

PT-2026-53501

In mlflow/mlflow, the FastAPI job endpoints under /ajax-api/3.0/jobs/ are not protected by authentication or authorization when the basic-auth app is enabled. This vulnerability affects the latest version of the repository. If job execution is enabled MLFLOW SERVER ENABLE JOB EXECUTION=true and a...

9.8CVSS6.4AI score0.04392EPSS
Exploits1References6
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•12 views

PT-2026-53574

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4 64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. pyminizip uses version 1.2.11 of zlib's code...

9.8CVSS7.4AI score0.02918EPSS
Exploits0References18
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•8 views

PT-2026-53744

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.22 Apache Tomcat versions 10.1.0-M1 through 10.1.55 Apache Tomcat versions 9.0.13 through 9.0.18 Apache Tomcat versions 8.5.38 through 8.5.100 Apache Tomcat versions 7.0.100 through 7.0.109...

6.5CVSS5.8AI score0.0028EPSS
Exploits0References19
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•13 views

PT-2026-53316

Name of the Vulnerable Software and Affected Versions libtiff affected versions not specified Description A heap-based buffer overflow exists in the PixarLog decoder. A remote attacker can trigger this issue by providing a specially crafted PixarLog-compressed TIFF image. The flaw occurs during t...

7.3CVSS6.6AI score0.00231EPSS
Exploits0References15
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•10 views

PT-2026-53546

| Field | Value | |---|---| | Severity | Critical | | Type | Path traversal -- arbitrary file write via tar.extract without member validation | | Affected | src/praisonai/praisonai/cli/features/recipe.py:1170-1172 | Summary cmd unpack in the recipe CLI extracts .praison tar archives using raw...

9.4CVSS6AI score0.00379EPSS
Exploits1References7
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•8 views

PT-2026-53453

Summary jupyter-remote-desktop-proxy was meant to rely on UNIX sockets readable only by the current user since version 3.0.0, but when used with TigerVNC, the VNC server started by jupyter-remote-desktop-proxy were still accessible via the network. This vulnerability does not affect users having...

9CVSS5.8AI score0.0087EPSS
Exploits0References7
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•16 views

PT-2026-53436

Guardrails AI thru 0.6.7 contains a code injection vulnerability CWE-94 in its Hub package installation mechanism. When installing validator packages via guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script specified in the post install...

9.8CVSS6.3AI score0.00635EPSS
Exploits0References6
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•15 views

PT-2026-53248

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Epiphyt Embed Privacy allows Path Traversal. This issue affects Embed Privacy: from n/a through 1.12.3...

7.1CVSS5.8AI score0.00265EPSS
Exploits0References2
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•12 views

PT-2026-53437

Impact A leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. Details HTTP/1.1 Chunked-Encoding bodies are formatted as a sequence of "chunks", each of which consists of: - chunk length - r - length...

9.1CVSS5.8AI score0.00527EPSS
Exploits0References7
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•14 views

PT-2026-53378

APKLeaks prior to v2.0.4 allows remote authenticated attackers to execute arbitrary OS commands via package name inside the application manifest. Impact An authenticated attacker could include arguments that allow unintended commands or code to be executed, allow sensitive data to be read or...

10CVSS6.2AI score0.02307EPSS
Exploits0References7
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•9 views

PT-2026-53295

Unauthenticated Broken Access Control in WP User Frontend = 4.3.7 versions...

6.5CVSS5.8AI score0.00196EPSS
Exploits0References2
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•8 views

PT-2026-53488

The Ludwig framework thru 0.10.4 is vulnerable to insecure deserialization CWE-502 in its model serving component. When starting a model server with the ludwig serve command, the framework loads model weight files using torch.load without enabling the security-restrictive weights only=True...

9.8CVSS6.5AI score0.00497EPSS
Exploits0References6
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•9 views

PT-2026-53599

Summary The KeyCache class in scitokens was vulnerable to SQL Injection because it used Python's str.format to construct SQL queries with user-supplied data such as issuer and key id. This allowed an attacker to execute arbitrary SQL commands against the local SQLite database. Ran the POC below...

9.8CVSS6.3AI score0.00492EPSS
Exploits1References8
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•5 views

PT-2026-53584

The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore...

10CVSS6AI score0.02592EPSS
Exploits0References12
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•7 views

PT-2026-53278

A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The...

4.8CVSS5.9AI score0.00124EPSS
Exploits0References8
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•10 views

PT-2026-53591

Summary amazon-redshift-python-driver is the official Python connector for Amazon Redshift. In versions 2.1.13 and earlier, the driver insufficiently validates data received from the server during query result processing. A rogue server or man-in-the-middle could leverage this to execute arbitrar...

9.8CVSS6.5AI score0.00808EPSS
Exploits1References9
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•13 views

PT-2026-53204

A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. This affects the function sha256 of the file src/main/services/memory/MemoryService.ts of the component CherryIN Preload API. Performing a manipulation of the argument state results in authorization bypass. The attack can be...

5CVSS5.4AI score0.00199EPSS
Exploits0References8
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•10 views

PT-2026-53541

Summary The AgentService.loadAgentFromFile method uses the js-yaml library to parse YAML files without disabling dangerous tags such as !!js/function and !!js/undefined. This allows an attacker to craft a malicious YAML file that, when parsed, executes arbitrary JavaScript code. An attacker can...

9.8CVSS6.8AI score0.0058EPSS
Exploits0References7
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•9 views

PT-2026-53542

Executive Summary: The path validation has a critical logic bug: it checks for .. AFTER normpath has already collapsed all .. sequences. This makes the check completely useless and allows trivial path traversal to any file on the system. The path validation function also does not resolve the...

9.2CVSS6AI score0.00416EPSS
Exploits1References7
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•10 views

PT-2026-53659

Name of the Vulnerable Software and Affected Versions Gorse versions prior to 0.5.10 Description An authentication bypass exists in the HTTP API when the admin api key is left empty, which is the default configuration. This occurs because improper input validation treats an empty key as a disabli...

9.8CVSS5.8AI score0.03016EPSS
Exploits2References9
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•9 views

PT-2026-53596

Summary A SQL injection vulnerability in FilterEngine.create postgres query allows any authenticated Rucio user to execute arbitrary SQL against the configured PostgreSQL metadata database through the DID search endpoint GET /dids//dids/search. When the external metadata plugin postgres meta is...

9.9CVSS6.7AI score0.00301EPSS
Exploits0References6
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•12 views

PT-2026-53590

Summary Developers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. Due to the longstanding decision by the Ray Development team to not implement any sort of authentication on critical endpoints, like the /api/jobs &...

9.4CVSS6.6AI score0.00338EPSS
Exploits0References12
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•14 views

PT-2026-53255

Name of the Vulnerable Software and Affected Versions GNU gzip affected versions not specified Description The gzexe utility handles temporary files insecurely. If the mktemp utility is missing from the user's PATH, gzexe generates a temporary file path using only the process ID PID. Because this...

4.7CVSS5.9AI score0.00105EPSS
Exploits0References18
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•9 views

PT-2026-53213

The APCu Manager WordPress plugin before 4.5.0 does not escape APCu object-cache keys before rendering them in an admin-area page, leading to a Stored Cross-Site Scripting vulnerability. When a persistent object cache is enabled, cache keys derived from unsanitised user input e.g. a transient nam...

6AI score0.00204EPSS
Exploits0References2
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•19 views

PT-2026-53170

A weakness has been identified in Chess Play and Learn App up to 4.9.42 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.chess. This manipulation causes exposure of backup file to an unauthorized control sphere. It is feasible to perform...

2.4CVSS5.4AI score0.00133EPSS
Exploits0References7
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•12 views

PT-2026-53244

A vulnerability was found in itsourcecode Online Hotel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/mod users/controller.php?action=add. The manipulation of the argument Name results in sql injection. The attack can be launched remotely. The explo...

7.5CVSS6.9AI score0.00412EPSS
Exploits0References7
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•8 views

PT-2026-53688

Name of the Vulnerable Software and Affected Versions Synology MailPlus Server versions prior to 4.0.1-31663 Description A critical flaw allows remote attackers to read and write arbitrary files and access internal services, which likely leads to remote code execution RCE, a state where an attack...

6.6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•7 views

PT-2026-53502

MLflow allowed arbitrary files to be PUT onto the server...

10CVSS5.9AI score0.04408EPSS
Exploits1References8
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•8 views

PT-2026-53354

A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the shell commands denylist settings. The issue arises when the denylist is configured to block specific commands, such as whoami and /bin/whoami. An attacker can circumvent this restriction by executing...

9.8CVSS5.8AI score0.00812EPSS
Exploits1References7
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•7 views

PT-2026-53391

An insecure deserialization vulnerability exists in the BentoML framework, allowing remote code execution RCE by sending a specially crafted POST request. By exploiting this vulnerability, attackers can execute arbitrary commands on the server hosting the BentoML application. The vulnerability is...

10CVSS6.7AI score0.01497EPSS
Exploits0References7
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•7 views

PT-2026-53367

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Pig Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files. This issue affects Pig Provider...

9.8CVSS6AI score0.03944EPSS
Exploits0References7
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•10 views

PT-2026-53575

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape dict...

9.8CVSS5.8AI score0.00691EPSS
Exploits1References10
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•8 views

PT-2026-53589

A command injection exists in Ray's cpu profile URL parameter allowing attackers to execute os commands on the system running the ray dashboard remotely without authentication...

9.8CVSS5.9AI score
Exploits0References8
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•12 views

PT-2026-53205

A flaw has been found in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function GetFileInfo of the file hrsystem/application/models/Employee model.php of the component View Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack...

6.5CVSS6.4AI score0.00204EPSS
Exploits0References7
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•10 views

PT-2026-53755

Name of the Vulnerable Software and Affected Versions Zephyr version 4.4.0 Description An issue exists where the mcumgr serial process frag function in subsys/mgmt/mcumgr/transport/src/serial util.c calls net buf reset on the result of smp packet alloc without first verifying if the result is NUL...

6.2CVSS5.9AI score0.00109EPSS
Exploits1References6
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•6 views

PT-2026-53937

These are all security issues fixed in the dash-0.5.13.4-1.1 package on the GA media of openSUSE Tumbleweed...

5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•8 views

PT-2026-53703

Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description Processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling. Recommendations...

6.5CVSS5.9AI score0.00225EPSS
Exploits0References6
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•12 views

PT-2026-53640

Impact It was possible to overwrite Git configuration remotely and override some of its behavior. Resources Thanks to Jason Marcello for responsible disclosure...

9.1CVSS5.8AI score0.00489EPSS
Exploits0References11
Positive Technologies
Positive Technologies
•added 2026/06/29 12:0 a.m.•11 views

PT-2026-53618

Impact Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE. When axis is larger than the dim of input, c-Diminput,axis goes out of bound. Same problem occurs in the QuantizeAndDequantizeV2/V3/V4/V4Gra...

9.8CVSS5.8AI score0.00831EPSS
Exploits1References7
Total number of security vulnerabilities184424