175406 matches found
PT-2026-43957
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A flaw exists in the zram module where partial discard requests are not properly handled. When a partial discard is requeste...
PT-2026-44002
Name of the Vulnerable Software and Affected Versions RabbitMQ versions 4.2.0 through 4.2.3 Description The MQTT plugin in RabbitMQ allows topic-level authorization using regular expressions with variable substitution. When administrators use patterns like ^client id-sensors$ to restrict access,...
PT-2026-43503
The Endless Scroll plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access a...
PT-2026-43919
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Ceph component of the Linux kernel where d add can be called on a negative dentry that is already present in the primary dcache hash. This occurs because certain...
PT-2026-43894
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the net/smc module where a CLC decline can be received during the early stages of a handshake, before the...
PT-2026-43926
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the KVM nSVM component, an issue exists where the current RIP Instruction Pointer is incorrectly used as the NextRIP in vmcb02 after the first L2 VMRUN. For guests with NRIPS disabled...
PT-2026-43676
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the SLIP Serial Line IP implementation where the slhc init function allows a configuration with rslots set to 0, indicating no receive compression. In this state, the...
PT-2026-43911
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the ipmi:ssif component where a kernel thread kthread is not properly stopped if an error occurs after it...
PT-2026-43897
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A memory leak occurs in the EDAC/versalnet component within the mc probe function. The of parse phandle function returns a device node reference that requires release via of node put. The...
PT-2026-43901
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A NULL pointer dereference exists in the interrupt trigger path of the vfio/cdx module. The vfio cdx set msi trigger function fails to validate if Message Signaled Interrupts MSI are...
PT-2026-43671
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the arena vm close function during a fork operation. The arena vm open function increments the vml-mmap count but fails to register the child Virtual...
PT-2026-43935
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A memory leak occurs in the Linux kernel crypto nx component. The functions nx842 crypto alloc ctx and nx842 crypto free ctx allocate bounce buffers using get free pages with a specific...
PT-2026-43940
Content removed...
PT-2026-43855
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A flaw in the rxrpc component allows RESPONSE packets to enter a partially decrypted state if a temporary failure occurs...
PT-2026-43861
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the command file write handler where it allocates a kernel buffer based on a user-provided count but fails to validate this buffer against the dot command protocol before...
PT-2026-43824
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue in the Linux kernel can lead to a deadloop within the rcu read unlock function due to softirq. This occurs because recursion-protection code was removed from the rcu read unlock...
PT-2026-43854
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description In the KVM nSVM component, the nested sync control from vmcb02 function fails to synchronize the int state field, specifically bit 0 SVM INTERRUPT SHADOW MASK, from vmcb02 to the cached...
PT-2026-43529
The Shortcode Buddy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 0.1.9.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level acces...
PT-2026-43692
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix deadlock in ni read folio cmpr Syzbot reported a task hung in ni readpage cmpr now ni read folio cmpr. This is caused by a lock inversion deadlock involving the inode mutex ni lock and page locks. Scenario: 1. Task ...
PT-2026-44625
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description An out of bounds write occurs in ANGLE, which is a compatibility layer that allows OpenGL ES to run on various graphics APIs. This issue allows a remote attacker who has already...
PT-2026-43551
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the ssoabstractservice due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
PT-2026-44040
Name of the Vulnerable Software and Affected Versions Raynet rvia versions prior to 12.6 Update 8 Description Command injection occurs when the software performs a Java search using the find command. An adversary can execute arbitrary Java code by providing a crafted path that matches improperly...
PT-2026-44060
Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.39.0 Description The Text component in this open-source low-code platform renders markdown by assigning the output of the marked.parsemarkdown function directly to innerHTML without using a sanitizer. This creates ...
PT-2026-43584
Name of the Vulnerable Software and Affected Versions Synology Contacts versions prior to 1.0.10-20659 Description Improper neutralization of input during web page generation leads to a Cross-site Scripting XSS issue in the contact functionality. This allows remote authenticated users to read or...
PT-2026-43666
Incorrect Privilege Assignment vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Privilege Escalation.This issue affects WebinarIgnition: from n/a through 4.08.253...
PT-2026-44090
pam usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the address of a stack-local variable. This violates the PAM re-entrancy requirement and creates a data...
PT-2026-43639
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows Blind SQL Injection.This issue affects Active Products Tables for WooCommerce: from n/a through = 1.0...
PT-2026-43847
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job scheduling across aie2 release resource Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes. Fix this by stopping job scheduling befo...
PT-2026-44031
Webmin before 2.640 does not safely construct a filename for saving of an attachment within the mailboxes component. This occurs in mailboxes/detachall.cgi...
PT-2026-43720
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory corruption issue exists in the drm/amdgpu component. The function amdgpu discovery get nps info allocates memory for ranges using kvcalloc, which may utilize vmalloc for large...
PT-2026-43748
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the svs enable debug write function. The buf variable, which is allocated by memdup user nul, is not properly released if the kstrtoint function fails...
PT-2026-43688
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the DisplayPort Multi-Stream Transport MST component where releasing a timeslot can lead to an incorrect payload mask due to an overflow. This occurs if the delayed...
PT-2026-43764
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter nft counter component where concurrent dump-and-reset operations can lead to value underrunning. This occurs because parallel resets may read the same...
PT-2026-43525
The hk shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title-plane' shortcode in versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes in the huankong post short title plane...
PT-2026-43659
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nexcess WPComplete wpcomplete allows Stored XSS.This issue affects WPComplete: from n/a through = 2.9.5.4...
PT-2026-44109
Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.8.7 Description pam usb provides hardware authentication for Linux using removable media. The pamusb-pinentry component reads the PINENTRY FALLBACK APP environment variable and executes it without validation. A...
PT-2026-43834
In the Linux kernel, the following vulnerability has been resolved: bpf: Return proper address for non-zero offsets in insn array The map direct value addr function of the instruction array map incorrectly adds offset to the resulting address. This is a bug, because later the resolve pseudo ldimm...
PT-2026-43992
Name of the Vulnerable Software and Affected Versions PostgreSQL Anonymizer versions prior to 3.1.0 Description An issue allows a user to obtain superuser privileges by creating a table and embedding malicious code within a column identifier. When a superuser invokes the k-anonymity function, the...
PT-2026-44016
Name of the Vulnerable Software and Affected Versions Jenkins AppSpider Plugin versions prior to 1.0.18 Description A missing permission check in a method implementing form validation allows users with Overall/Read permissions to trigger a connection to an attacker-specified URL. Recommendations...
PT-2026-45978
Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to 1.6.12 and 1.7.1, an unauthenticated open redirect in Authlib's OpenIDImplicitGrant and OpenIDHybridGrant authorization endpoint lets a remote attacker cause the authorization server to issue an HTTP 302 to an...
PT-2026-44019
Jenkins Job Import Plugin 143.v044a 2e819b 27 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
PT-2026-44051
Name of the Vulnerable Software and Affected Versions TeamSpeak 3 Server versions prior to 3.13.8 Description A heap-based buffer overflow exists in the ECC Key Parser component. This issue allows a remote attacker to cause a memory corruption by manipulating the parser, which handles Elliptic...
PT-2026-43974
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SeedProd LLC SeedProd Pro allows PHP Local File Inclusion. This issue affects SeedProd Pro: from n/a before 6.19.5...
PT-2026-43640
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HT Plugins HT Contact Form 7 ht-contactform allows Stored XSS.This issue affects HT Contact Form 7: from n/a through = 2.8.2...
PT-2026-43820
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix IO hang with degraded array with llbitmap When llbitmap bit state is still unwritten, any new write should force rcw, as bitmap ops-blocks synced is checked in handle stripe dirtying. However, later the same check i...
PT-2026-43789
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the RDMA/mlx5 component within the UVERBS HANDLERMLX5 IB METHOD GET DATA DIRECT SYSFS PATH function. The function uses kobject get path to allocate memory for the...
PT-2026-43981
Name of the Vulnerable Software and Affected Versions IBM Db2 versions 12.1.0 through 12.1.4 Description An authorization bypass occurs when uploading to a remote object storage path using a special query. Recommendations At the moment, there is no information about a newer version that contains ...
PT-2026-43800
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the BPF verifier where the sync linked regs function incorrectly copies the ID of a known register to another register when propagating bounds. Specifically, if a...
PT-2026-43576
Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors...
PT-2026-43774
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix deadlocks between devlink and netdev instance locks In the mentioned "Fixes" commit, various work tasks triggering devlink health reporter recovery were switched to use netdev trylock to protect against concurrent...