Lucene search
K

73 matches found

Circl
Circl
•added 2026/05/11 3:15 a.m.•8 views

CVE-2026-8252

creationtimestamp| type| source ---|---|--- 2026-05-11 03:15:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlkcom2pg62p...

6.5CVSS5.8AI score0.00378EPSS
Exploits1References1
Cvelist
Cvelist
•added 2026/05/10 11:15 p.m.•62 views

CVE-2026-8252 Open5GS SMF smf_nsmf_handle_create_data_in_hsmf null pointer dereference

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function smfnsmfhandlecreatedatainhsmf of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized...

5.3CVSS0.00378EPSS
Exploits1References5
CVE
CVE
•added 2026/05/10 11:15 p.m.•26 views

CVE-2026-8252

CVE-2026-8252 affects Open5GS up to version 2.7.7, specifically the SMF component and the function smf_nsmf_handle_create_data_in_hsmf . A manipulation in this area can lead to a null pointer dereference , with the attack possible remotely . Public exploitation has been disclosed and is actionabl...

6.5CVSS5.4AI score0.00378EPSS
Exploits1References5Affected Software1
OSV
OSV
•added 2026/04/18 3:31 p.m.•9 views

MINI-HHM7-PM7R-8252

Bulletin has no description...

5.6AI score
Exploits0
Nuclei
Nuclei
•added 2026/04/09 11:29 a.m.•5 views

WordPress Clean Login <= 1.14.5 Authenticated (Contributor+) - Local File Inclusion

The Clean Login plugin for WordPress up to version 1.14.5 contains a path traversal caused by the 'template' attribute in the clean-login-register shortcode, letting authenticated attackers with contributor access include and execute arbitrary files, exploit requires attacker to have contributor ...

8.8CVSS6.1AI score0.03034EPSS
Exploits0References2
EUVD
EUVD
•added 2025/10/07 12:30 a.m.•6 views

EUVD-2018-8252

Malware in sbrugna...

8.8CVSS8.6AI score0.04479EPSS
Exploits1References10
NVD
NVD
•added 2025/07/28 3:15 a.m.•6 views

CVE-2025-8252

A vulnerability was found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/deletes5.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has be...

9.8CVSS0.00479EPSS
Exploits1References5
Vulnrichment
Vulnrichment
•added 2025/07/28 2:2 a.m.•3 views

CVE-2025-8252 code-projects Exam Form Submission delete_s5.php sql injection

A vulnerability was found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/deletes5.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has be...

7.5CVSS7.5AI score0.00479EPSS
Exploits1References5
Cvelist
Cvelist
•added 2025/07/28 2:2 a.m.•12 views

CVE-2025-8252 code-projects Exam Form Submission delete_s5.php sql injection

A vulnerability was found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/deletes5.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has be...

7.5CVSS0.00479EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
•added 2025/06/16 12:0 a.m.•5 views

TencentOS Server 3: libuv (TSSA-2022:0099)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0099 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.8CVSS7.4AI score0.23132EPSS
Exploits1References3
RedhatCVE
RedhatCVE
•added 2025/05/22 5:53 a.m.•5 views

CVE-2017-8252

Kernel can inject faults in computations during the execution of TrustZone leading to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdrago...

5.5CVSS5.7AI score0.00224EPSS
Exploits0References1
OSV
OSV
•added 2024/09/25 5:17 a.m.•4 views

CGA-8H3G-8252-QG48

Bulletin has no description...

7.5CVSS8.2AI score0.01127EPSS
Exploits0
Circl
Circl
•added 2024/08/30 1:8 p.m.•6 views

CVE-2024-8252

creationtimestamp| type| source ---|---|--- 2024-08-30 13:08:36+00:00| seen| https://t.me/cvedetector/4511 2026-04-08 08:56:40+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-8252.yaml 2026-04-10 21:03:07+00:00| seen|...

8.8CVSS4.8AI score0.03034EPSS
Exploits0References3
Cvelist
Cvelist
•added 2024/08/30 9:29 a.m.•36 views

CVE-2024-8252 Clean Login <= 1.14.5 - Authenticated (Contributor+) Local File Inclusion

The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.14.5 via the 'template' attribute of the clean-login-register shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and...

8.8CVSS0.03034EPSS
Exploits0References4
Veracode
Veracode
•added 2023/06/20 9:14 a.m.•17 views

Improper Authentication

doorkeeper is vulnerable to Improper Authentication. The vulnerability exists because user authentication is automatically processed without consent of the user if the authentication token matches, which is out of OAuth RFC 8252 spec, allowing an attacker to impersonate a user and possibly bypass...

6.5CVSS10AI score0.00716EPSS
Exploits1References10Affected Software2
OSV
OSV
•added 2023/06/12 7:50 p.m.•28 views

GHSA-7W2C-W47H-789W Doorkeeper Improper Authentication vulnerability

OAuth RFC 8252 says https://www.rfc-editor.org/rfc/rfc8252section-8.6 the authorization server SHOULD NOT process authorization requests automatically without user consent or interaction, except when the identity of the client can be assured. This includes the case where the user has previously...

4.2CVSS5.2AI score0.00716EPSS
Exploits1References10
ICS
ICS
•added 2022/08/30 12:0 a.m.•53 views

Hitachi Energy Gateway Station (GWS) Product

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Gateway Station GWS Product Vulnerability: Inconsistent Interpretation of HTTP Requests, Use After Free, Classic Buffer Overflow, Integer Underflow, Improper Certificate...

4.3CVSS7.9AI score0.04803EPSS
Exploits0References5
OpenVAS
OpenVAS
•added 2022/01/28 12:0 a.m.•24 views

Mageia: Security Advisory (MGASA-2020-0398)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8AI score0.00714EPSS
Exploits0References5
OpenVAS
OpenVAS
•added 2022/01/28 12:0 a.m.•38 views

Mageia: Security Advisory (MGASA-2020-0372)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.87806EPSS
Exploits4References10
IBM Security Bulletins
IBM Security Bulletins
•added 2021/10/07 6:16 p.m.•38 views

Security Bulletin: Node.js as used by IBM Security QRadar Packet Capture contains multiple vulnerabilities (CVE-2020-8201, CVE-2020-8252, CVE-2020-8251, CVE-2020-8277)

Summary Node.js as used by IBM Security QRadar Packet Capture contains multiple vulnerabilities. Vulnerability Details CVEID: CVE-2020-8201 DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by CR-to-Hyphen conversion. By sending specially crafted HTTP request headers, an attack...

7.8CVSS0.9AI score0.54164EPSS
Exploits0Affected Software1
Rows per page
Query Builder