CVE-2026-7707

A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function udrnudrdrhandlesubscriptioncontext of the file /src/udr/nudr-handler.c of the component UDR. The manipulation of the argument pei results in denial of service. The attack can be launched remotely. The exploit has been made...

CVE-2025-7707

The llamaindex library version 0.12.33 sets the NLTK data directory to a subdirectory of the codebase by default, which is world-writable in multi-user environments. This configuration allows local users to overwrite, delete, or corrupt NLTK data files, leading to potential denial of service, dat...

aider-chat (=0.43.0), aimon-llamaindex (>=0.0.6 <=0.0.9) +689 more potentially affected by CVE-2025-7707 via llama-index-core (>=0.10.0 <=0.12.48)

llama-index-core PYPI version =0.10.0, =0.0.6, =1.1.0, =3.0.0, =1.7.0, =1.0.0, =0.0.3, =0.2.1, =0.2.1.dev0, =0.2.0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.4.0 and more Source cves: CVE-2025-7707 Source advisory: SNYK:PYTHON-LLAMAINDEXCORE-13541614...

CVE-2024-47903

A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber All versions V8.2.12, InterMesh 7707 Fire Subscriber All versions V7.2.12 only if the IP interface is enabled which is not the default configuration. The web server of affected devices allows to write arbitrary files to t...

CVE-2024-47902

A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber All versions V8.2.12, InterMesh 7707 Fire Subscriber All versions V7.2.12 only if the IP interface is enabled which is not the default configuration. The web server of affected devices does not authenticate GET requests...

CVE-2024-47904

CVE-2024-47904 affects Siemens InterMesh Subscriber devices: InterMesh 7177 Hybrid 2.0 Subscriber (all versions &lt; V8.2.12) and InterMesh 7707 Fire Subscriber (all versions

CVE-2024-47903

A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber All versions V8.2.12, InterMesh 7707 Fire Subscriber All versions V7.2.12 only if the IP interface is enabled which is not the default configuration. The web server of affected devices allows to write arbitrary files to t...

CVE-2024-47902

A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber All versions V8.2.12, InterMesh 7707 Fire Subscriber All versions V7.2.12 only if the IP interface is enabled which is not the default configuration. The web server of affected devices does not authenticate GET requests...

CVE-2024-47901

CVE-2024-47901 concerns InterMesh 7177 Hybrid 2.0 Subscriber (all versions &lt; V8.2.12) and InterMesh 7707 Fire Subscriber (all versions

Siemens InterMesh 7177和Siemens InterMesh 7707 操作系统命令注入漏洞

InterMesh is a wireless alarm reporting system that uses mesh wireless network technology to transmit alarm signals. An operating system command injection vulnerability exists in Siemens InterMesh Subscriber Devices, which can be exploited by an attacker to execute arbitrary code with root...

Siemens InterMesh 7177和Siemens InterMesh 7707 安全漏洞

InterMesh is a wireless alarm reporting system that uses mesh wireless network technology to transmit alarm signals. An incorrect privilege assignment vulnerability exists in Siemens InterMesh Subscriber Devices, which is due to an affected device containing a SUID binary file that can be exploit...

Siemens InterMesh 7177和Siemens InterMesh 7707 安全漏洞

InterMesh is a wireless alarm reporting system that uses mesh wireless network technology to transmit alarm signals. A security vulnerability exists in Siemens InterMesh Subscriber Devices, which can be exploited by an attacker to write arbitrary files to the web server's DocumentRoot directory...

CVE-2024-7707

creationtimestamp| type| source ---|---|--- 2024-08-13 03:43:16+00:00| seen| https://t.me/cvedetector/2942...

MAL-2024-870 Malicious code in wlwz-2312-7707 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4627eb83d8f5670a2c27f6b9a4b6fc46351f1955473f267ebe81684c1e777d5b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in wlwz-2312-7707 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4627eb83d8f5670a2c27f6b9a4b6fc46351f1955473f267ebe81684c1e777d5b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Prototype Pollution in property-expr

Overview property-expr before 2.0.3 are vulnerable to Prototype Pollution via the setter function. Recommendation Upgrade to version 2.0.3 or later References - CVE - GitHub Advisory...

CVE-2020-7707

The package property-expr before 2.0.3 are vulnerable to Prototype Pollution via the setter function...

CVE-2020-7707

The package property-expr before 2.0.3 are vulnerable to Prototype Pollution via the setter function...

CVE-2020-7707 Prototype Pollution

The package property-expr before 2.0.3 are vulnerable to Prototype Pollution via the setter function...

CVE-2020-7707

CVE-2020-7707 affects the Node.js property-expr module (versions before 2.0.3). Root cause is a prototype pollution flaw in the setter function, enabling remote attackers to execute arbitrary code. Affected: property-expr