73 matches found
CVE-2026-8252
creationtimestamp| type| source ---|---|--- 2026-05-11 03:15:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlkcom2pg62p...
CVE-2026-8252 Open5GS SMF smf_nsmf_handle_create_data_in_hsmf null pointer dereference
A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function smfnsmfhandlecreatedatainhsmf of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized...
CVE-2026-8252
CVE-2026-8252 affects Open5GS up to version 2.7.7, specifically the SMF component and the function smf_nsmf_handle_create_data_in_hsmf . A manipulation in this area can lead to a null pointer dereference , with the attack possible remotely . Public exploitation has been disclosed and is actionabl...
MINI-HHM7-PM7R-8252
Bulletin has no description...
WordPress Clean Login <= 1.14.5 Authenticated (Contributor+) - Local File Inclusion
The Clean Login plugin for WordPress up to version 1.14.5 contains a path traversal caused by the 'template' attribute in the clean-login-register shortcode, letting authenticated attackers with contributor access include and execute arbitrary files, exploit requires attacker to have contributor ...
EUVD-2018-8252
Malware in sbrugna...
CVE-2025-8252
A vulnerability was found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/deletes5.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has be...
CVE-2025-8252 code-projects Exam Form Submission delete_s5.php sql injection
A vulnerability was found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/deletes5.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has be...
CVE-2025-8252 code-projects Exam Form Submission delete_s5.php sql injection
A vulnerability was found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/deletes5.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has be...
TencentOS Server 3: libuv (TSSA-2022:0099)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0099 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2017-8252
Kernel can inject faults in computations during the execution of TrustZone leading to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdrago...
CGA-8H3G-8252-QG48
Bulletin has no description...
CVE-2024-8252
creationtimestamp| type| source ---|---|--- 2024-08-30 13:08:36+00:00| seen| https://t.me/cvedetector/4511 2026-04-08 08:56:40+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-8252.yaml 2026-04-10 21:03:07+00:00| seen|...
CVE-2024-8252 Clean Login <= 1.14.5 - Authenticated (Contributor+) Local File Inclusion
The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.14.5 via the 'template' attribute of the clean-login-register shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and...
Improper Authentication
doorkeeper is vulnerable to Improper Authentication. The vulnerability exists because user authentication is automatically processed without consent of the user if the authentication token matches, which is out of OAuth RFC 8252 spec, allowing an attacker to impersonate a user and possibly bypass...
GHSA-7W2C-W47H-789W Doorkeeper Improper Authentication vulnerability
OAuth RFC 8252 says https://www.rfc-editor.org/rfc/rfc8252section-8.6 the authorization server SHOULD NOT process authorization requests automatically without user consent or interaction, except when the identity of the client can be assured. This includes the case where the user has previously...
Hitachi Energy Gateway Station (GWS) Product
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Gateway Station GWS Product Vulnerability: Inconsistent Interpretation of HTTP Requests, Use After Free, Classic Buffer Overflow, Integer Underflow, Improper Certificate...
Mageia: Security Advisory (MGASA-2020-0398)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2020-0372)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Node.js as used by IBM Security QRadar Packet Capture contains multiple vulnerabilities (CVE-2020-8201, CVE-2020-8252, CVE-2020-8251, CVE-2020-8277)
Summary Node.js as used by IBM Security QRadar Packet Capture contains multiple vulnerabilities. Vulnerability Details CVEID: CVE-2020-8201 DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by CR-to-Hyphen conversion. By sending specially crafted HTTP request headers, an attack...