CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

527 matches found

Adobe AEM Dispatcher <4.15 - Rules Bypass

Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors. id: CVE-2016-0957 info: name: Adobe AEM Dispatcher 4.15 - Rules Bypass author: geeknik severity:...

7.8CVSS7.2AI score0.93186EPSS

Exploits0References5

NVD•added 2 days ago•7 views

CVE-2026-37223

FlexRIC v2.0.0 contains a reachable assertion in the iApp message dispatcher. The dispatcher validates incoming E2AP messages against a 9-entry whitelist using assert. A remote unauthenticated attacker can send any decodable E2AP PDU with a message type not in the whitelist to crash the iApp...

7.5CVSS0.00081EPSS

Exploits0References2

Cvelist•added 2 days ago•20 views

CVE-2026-37223

0.00081EPSS

Exploits0References2

Vulnrichment•added 2 days ago•6 views

CVE-2026-37223

5.8AI score0.00081EPSS

Exploits0References2

CVE•added 2 days ago•8 views

CVE-2026-37223

FlexRIC v2.0.0 contains a reachable assertion in the iApp message dispatcher. The dispatcher validates incoming E2AP messages against a 9-entry whitelist using assert(), allowing a remote unauthenticated attacker to send decodable E2AP PDUs with a type not in the whitelist to crash the iApp proce...

7.5CVSS5.8AI score0.00081EPSS

Exploits0References2

Positive Technologies•added 2 days ago•4 views

PT-2026-45453

5.8AI score0.00081EPSS

Exploits0References3

Positive Technologies•added 5 days ago•5 views

PT-2026-45053

Summary The fix for GHSA-9mqq-jqxf-grvw / CVE-2026-44336 is incomplete. The original advisory description named four vulnerable handlers in mcp server/adapters/cli tools.py: "registers four file-handling tools by default, praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and...

9.6CVSS6AI score0.00135EPSS

Exploits1References3

NVD•added 2026/05/26 10:16 p.m.•6 views

CVE-2026-45298

Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, in a default dozzle deploy the documented quickstart, no DOZZLEAUTHPROVIDER set, POST /api/notifications/test-webhook is reachable without authentication and forwards an attacker-controlled URL into a WebhookDispatcher that...

8.6CVSS0.00026EPSS

Exploits1References2

EUVD•added 2026/05/26 10:1 p.m.•5 views

EUVD-2026-32019

8.6CVSS5.9AI score0.00026EPSS

Exploits1References2

CNNVD•added 2026/05/26 12:0 a.m.•3 views

Dozzle 代码问题漏洞

Dozzle is a small, lightweight application developed by Amir Raminfar as an individual project. Versions of Dozzle prior to 10.5.2 had code vulnerabilities. These vulnerabilities stemmed from the fact that the POST /api/notifications/test-webhook endpoint was not authenticated during default...

8.6CVSS5.8AI score0.00026EPSS

Exploits1References2

Github Security Blog•added 2026/05/18 6:31 a.m.•2 views

AMF Vulnerable to Improper Resource Shutdown or Release

A security vulnerability has been detected in omec-project amf up to 2.1.3-dev. This impacts the function UERadioCapabilityCheckResponse of the file ngap/dispatcher.go. Such manipulation leads to null pointer dereference. The attack can be executed remotely. The exploit has been disclosed publicl...

5.3CVSS5.4AI score0.00017EPSS

Exploits0References9Affected Software1

NVD•added 2026/05/18 4:16 a.m.•10 views

CVE-2026-8783

5.3CVSS0.00017EPSS

Exploits0References7

Snyk•added 2026/05/18 3:47 a.m.•1 views

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds via an unknown function of the file ngap/dispatcher.go of the component NGAP Message Handler. The manipulation leads to memory corruption. The attack may be initiated remotely. The exploit is publicly available and might b...

5.3CVSS5.5AI score0.00052EPSS

Exploits0References2

Github Security Blog•added 2026/05/18 3:31 a.m.•3 views

AMF Improperly Restricts Operations within the Bounds of a Memory Buffer

A vulnerability was identified in omec-project amf up to 2.1.3-dev. The affected element is an unknown function of the file ngap/dispatcher.go of the component NGAP Message Handler. The manipulation leads to memory corruption. The attack may be initiated remotely. The exploit is publicly availabl...

5.3CVSS5.5AI score0.00052EPSS

Exploits0References9Affected Software1

OSV•added 2026/05/18 3:31 a.m.•1 views

GHSA-3X4G-259H-5P7C AMF Improperly Restricts Operations within the Bounds of a Memory Buffer

5.3CVSS5.4AI score0.00052EPSS

Exploits0References8

NVD•added 2026/05/18 2:16 a.m.•6 views

CVE-2026-8780

5.3CVSS0.00052EPSS

Exploits0References7

Cvelist•added 2026/05/18 2:15 a.m.•29 views

CVE-2026-8783 omec-project amf dispatcher.go UERadioCapabilityCheckResponse null pointer dereference

5.3CVSS0.00017EPSS

Exploits0References7

Vulnrichment•added 2026/05/18 2:15 a.m.•4 views

CVE-2026-8783 omec-project amf dispatcher.go UERadioCapabilityCheckResponse null pointer dereference

5.3CVSS5.4AI score0.00017EPSS

Exploits0References7

CVE•added 2026/05/18 2:15 a.m.•8 views

CVE-2026-8783

CVE-2026-8783 affects omec-project AMF up to version 2.1.3-dev. The vulnerability targets the UERadioCapabilityCheckResponse function in ngap/dispatcher.go and causes a null pointer dereference, with remote execution potential. Public exploit details exist. The issue is addressed by upgrading to ...

5.3CVSS5.4AI score0.00017EPSS

Exploits0References7

CVE•added 2026/05/18 1:30 a.m.•7 views

CVE-2026-8780

The CVE-2026-8780 affects omec-project amf up to 2.1.3-dev, in the NGAP Message Handler’s ngap/dispatcher.go. The issue involves a memory corruption vulnerability in an unknown function, potentially exploitable remotely. An exploit exists publicly, and upgrading to 2.2.0 is reported to fix this i...

5.3CVSS5.5AI score0.00052EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by