Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 10 PACKETSTORM:215377

📄 Qualys Security Advisory – Exim 21Nails Advisory_PACKETSTORM:215377

Qualys audited central parts of the Exim mail server and discovered 21 vulnerabilities, with 11 being local vulnerabilities and 10 being remote vul...

N/A N/A PACKETSTORM
CRITICAL 9.8 PACKETSTORM:215279

📄 Ivanti Endpoint Manager Mobile (EPMM) Unauthenticated Remote Code Execution_PACKETSTORM:215279

This Metasploit module exploits a OS command injection issue in Ivanti Endpoint Manager Mobile EPMM, formerly known as MobileIron. A remote attacke...

N/A N/A PACKETSTORM
HIGH 7.5 PACKETSTORM:215214

📄 crypto/x509 TLS Certificate Parsing_PACKETSTORM:215214

This Go program demonstrates a theoretical denial of service risk associated with handling unusually large X.509 certificates in TLS connections. I...

N/A N/A PACKETSTORM
HIGH 7.1 PACKETSTORM:215212

📄 Samsung MP3 Decoder Out-Of-Bounds Read_PACKETSTORM:215212

Proof of concept exploit for a Samsung MP3 Decoder smp123djointstereov1 out-of-bounds read enabling potential ASLR bypass...

N/A N/A PACKETSTORM
NONE PACKETSTORM:215238

📄 openSIS Classic 9.2 Path Traversal_PACKETSTORM:215238

openSIS Classic version 9.2 suffers from a path traversal vulnerability that allows for local file inclusion...

N/A N/A PACKETSTORM
CRITICAL 9.8 PACKETSTORM:215255

📄 Palo Alto Networks PAN-OS 11.2 PHP Code Injection_PACKETSTORM:215255

Palo Alto Networks PAN-OS version 11.2 proof of concept remote command execution exploit that also leverages an authentication bypass vulnerability...

N/A N/A PACKETSTORM
CRITICAL 9.8 PACKETSTORM:215265

📄 yuan1994 tpadmin Shell Upload_PACKETSTORM:215265

yuan1994 tpadmin versions up to 1.3.12 suffers from a remote shell upload vulnerability...

N/A N/A PACKETSTORM
CRITICAL 9.8 PACKETSTORM:215222

📄 jsonpath 1.1.1 Prototype Pollution_PACKETSTORM:215222

Proof of concept exploit for a prototype pollution vulnerability in jsonpath version 1.1.1, where unsafe writes to $.constructor.prototype allows a...

N/A N/A PACKETSTORM
CRITICAL 9.8 PACKETSTORM:215250

📄 Oracle Access Manager 12.2.1.4.0 Insecure Deserialization_PACKETSTORM:215250

Proof of concept exploit for an unauthenticated Java deserialization vulnerability in the OpenSSO Agent component of Oracle Access Manager that all...

N/A N/A PACKETSTORM
CRITICAL 9.1 PACKETSTORM:215166

📄 Next.js 15.2.3 Middleware Authorization Bypass_PACKETSTORM:215166

This Python script checks whether a website built with Next.js is vulnerable to CVE‑2025‑29927, a middleware authorization bypass flaw triggered by...

N/A N/A PACKETSTORM