49 matches found
free5GC 安全漏洞
free5GC is an open source project for 5th Generation 5G mobile core networks open sourced by free5GC. A security vulnerability exists in free5GC versions 4.0.0 and 4.0.1, which stems from the NnssfNSSAIAvailability API mishandling of ad-hoc POST requests, which could lead to a denial of service...
WordPress Post Type Switcher plugin <= 4.0.0 - Insecure Direct Object Reference to Authenticated (Author+) Post Type Change vulnerability
Insecure Direct Object Reference to Authenticated Author+ Post Type Change vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Post Type Switcher versions = 4.0.0...
PT-2025-46673
Name of the Vulnerable Software and Affected Versions Golemiq 0 Day Analytics versions through 4.0.0 Description A flaw exists in Golemiq 0 Day Analytics that allows for SQL Injection due to improper neutralization of special elements used in SQL commands. The issue allows attackers to inject...
CVE-2025-60965
OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts...
CVE-2025-60961
Cross Site Scripting XSS vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information, and possibly other unspecified impacts...
CVE-2025-60959
The CVE-2025-60959 entry concerns OS Command Injection in EndRun Technologies Sonoma D12 Network Time Server (GPS) firmware. Affected product/version: Sonoma D12 NTP GPS F/W 6010-0071-000, Ver 4.00. Underlying cause is described as an OS command injection vulnerability, enabling attackers to disc...
Linux Distros Unpatched Vulnerability : CVE-2020-26160
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with string for maud which is allowed by the specification...
free5GC 安全漏洞
free5GC is a 5th Generation 5G mobile core network open source project by free5GC open source. A security vulnerability exists in free5GC version 4.0.0, which stems from a buffer overflow in the AMF component that could lead to a denial of service...
Malicious code in patternfly-build (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 057836fcde782f283efd1e52688d31d8375cd7d963b136908d1457ea24e64193 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
IBM DevOps Velocity和IBM UrbanCode Velocity 安全漏洞
IBM DevOps Velocity and IBM UrbanCode Velocity are both products of International Business Machines IBM.IBM DevOps Velocity is an enterprise-class release management application that supports cloud-native and local deployments.IBM UrbanCode Velocity is an enterprise-class release management and...
phpMyFAQ 安全漏洞
phpMyFAQ is a multi-language, fully database-driven FAQ system by the individual developer Thorsten Rinne. A security vulnerability exists in phpMyFAQ versions prior to 4.0.0, which stems from exposing the database server credentials when a connection to the DB fails...
CVE-2024-37030
in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through use after free...
OpenHarmony Security Vulnerabilities
OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony prior to version v4.0.0. A remote attacker could exploit the vulnerability to execute arbitrary code in a pre-installe...
OpenHarmony 安全漏洞
OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony version v4.0.0 and earlier. A local attacker could exploit this vulnerability to execute arbitrary code in TCB via...
PT-2024-10238 · Ibm · Ibm Devops Velocity +1
Name of the Vulnerable Software and Affected Versions: IBM DevOps Velocity version 5.0.0 IBM UrbanCode Velocity versions 4.0.0 through 4.0.25 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive...
AudioCodes VoIP Trust Management Issues Vulnerability
AudioCodes VoIP is a series of desk phones from the Israeli company AudioCodes. A security vulnerability exists in AudioCodes VoIP desk phones version 3.4.4.1000 and earlier versions, which stems from the use of hard-coded keys in libacdes3.so...
DEBIAN-CVE-2023-31606
A Regular Expression Denial of Service ReDoS issue was discovered in the sanitizehtml function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...
aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +233 more potentially affected by CVE-2023-23969 via django (>=4.0.0 <=4.0.8)
django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =3.1.1, =3.6.4, =0.10.0, =1.1.2, =0.2.0, =0.6.1, =0.6.10 and more Source cves: CVE-2023-23969 Source advisory: OSV:GHSA-Q2JF-H9JM-M7P4...
CVE-2021-39025
IBM Guardium Data Encryption GDE 4.0.0.0 and 5.0.0.0 could disclose internal IP address information when the web backend is down. IBM X-Force 213863...