Lucene search
+L

49 matches found

cnnvd
cnnvd
added 2025/11/24 12:0 a.m.10 views

free5GC 安全漏洞

free5GC is an open source project for 5th Generation 5G mobile core networks open sourced by free5GC. A security vulnerability exists in free5GC versions 4.0.0 and 4.0.1, which stems from the NnssfNSSAIAvailability API mishandling of ad-hoc POST requests, which could lead to a denial of service...

7.5CVSS6.2AI score0.0031EPSS
Exploits1References3
patchstack
patchstack
added 2025/11/17 10:25 p.m.8 views

WordPress Post Type Switcher plugin <= 4.0.0 - Insecure Direct Object Reference to Authenticated (Author+) Post Type Change vulnerability

Insecure Direct Object Reference to Authenticated Author+ Post Type Change vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Post Type Switcher versions = 4.0.0...

5.4CVSS7AI score0.00279EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2025/11/12 12:0 a.m.14 views

PT-2025-46673

Name of the Vulnerable Software and Affected Versions Golemiq 0 Day Analytics versions through 4.0.0 Description A flaw exists in Golemiq 0 Day Analytics that allows for SQL Injection due to improper neutralization of special elements used in SQL commands. The issue allows attackers to inject...

7.6CVSS7.1AI score0.00255EPSS
Exploits0References3
osv
osv
added 2025/10/06 5:16 p.m.4 views

CVE-2025-60965

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts...

9.1CVSS6AI score0.01231EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2025/10/06 12:0 a.m.2 views

CVE-2025-60961

Cross Site Scripting XSS vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information, and possibly other unspecified impacts...

5.8AI score0.00182EPSS
Exploits0References2
cve
cve
added 2025/10/06 12:0 a.m.18 views

CVE-2025-60959

The CVE-2025-60959 entry concerns OS Command Injection in EndRun Technologies Sonoma D12 Network Time Server (GPS) firmware. Affected product/version: Sonoma D12 NTP GPS F/W 6010-0071-000, Ver 4.00. Underlying cause is described as an OS command injection vulnerability, enabling attackers to disc...

8.2CVSS6.9AI score0.00759EPSS
Exploits0References1Affected Software1
nessus
nessus
added 2025/08/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-26160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with string for maud which is allowed by the specification...

7.5CVSS6.7AI score0.02158EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/05/29 12:0 a.m.4 views

free5GC 安全漏洞

free5GC is a 5th Generation 5G mobile core network open source project by free5GC open source. A security vulnerability exists in free5GC version 4.0.0, which stems from a buffer overflow in the AMF component that could lead to a denial of service...

5.4CVSS6.7AI score0.00309EPSS
Exploits2References2
ossf
ossf
added 2025/03/10 9:48 a.m.6 views

Malicious code in patternfly-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 057836fcde782f283efd1e52688d31d8375cd7d963b136908d1457ea24e64193 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References1
cnnvd
cnnvd
added 2025/01/20 12:0 a.m.6 views

IBM DevOps Velocity和IBM UrbanCode Velocity 安全漏洞

IBM DevOps Velocity and IBM UrbanCode Velocity are both products of International Business Machines IBM.IBM DevOps Velocity is an enterprise-class release management application that supports cloud-native and local deployments.IBM UrbanCode Velocity is an enterprise-class release management and...

4CVSS6AI score0.00206EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/12/06 12:0 a.m.7 views

phpMyFAQ 安全漏洞

phpMyFAQ is a multi-language, fully database-driven FAQ system by the individual developer Thorsten Rinne. A security vulnerability exists in phpMyFAQ versions prior to 4.0.0, which stems from exposing the database server credentials when a connection to the DB fails...

8.6CVSS6.4AI score0.00487EPSS
Exploits1References2
osv
osv
added 2024/07/02 9:15 a.m.6 views

CVE-2024-37030

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through use after free...

9.8CVSS6.3AI score0.00569EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/07/02 12:0 a.m.3 views

OpenHarmony Security Vulnerabilities

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony prior to version v4.0.0. A remote attacker could exploit the vulnerability to execute arbitrary code in a pre-installe...

9.8CVSS7.6AI score0.0062EPSS
Exploits0References3
cnnvd
cnnvd
added 2024/05/07 12:0 a.m.7 views

OpenHarmony 安全漏洞

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony version v4.0.0 and earlier. A local attacker could exploit this vulnerability to execute arbitrary code in TCB via...

7.8CVSS7.3AI score0.00199EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/01/09 12:0 a.m.13 views

PT-2024-10238 · Ibm · Ibm Devops Velocity +1

Name of the Vulnerable Software and Affected Versions: IBM DevOps Velocity version 5.0.0 IBM UrbanCode Velocity versions 4.0.0 through 4.0.25 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive...

7.5CVSS7AI score0.00311EPSS
Exploits0References11
cnnvd
cnnvd
added 2023/08/11 12:0 a.m.4 views

AudioCodes VoIP Trust Management Issues Vulnerability

AudioCodes VoIP is a series of desk phones from the Israeli company AudioCodes. A security vulnerability exists in AudioCodes VoIP desk phones version 3.4.4.1000 and earlier versions, which stems from the use of hard-coded keys in libacdes3.so...

7.5CVSS6.7AI score0.01131EPSS
Exploits2References5
osv
osv
added 2023/06/06 5:15 p.m.2 views

DEBIAN-CVE-2023-31606

A Regular Expression Denial of Service ReDoS issue was discovered in the sanitizehtml function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted payload...

7.5CVSS7.2AI score0.01513EPSS
Exploits1References1
redhat
redhat
added 2023/03/22 10:38 a.m.5 views

openssl: X.400 address type confusion in X.509 GeneralName

A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...

7.4CVSS6.8AI score0.59501EPSS
Exploits0References5
vulnersosv
vulnersosv
added 2023/02/01 9:30 p.m.9 views

aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +233 more potentially affected by CVE-2023-23969 via django (>=4.0.0 <=4.0.8)

django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =3.1.1, =3.6.4, =0.10.0, =1.1.2, =0.2.0, =0.6.1, =0.6.10 and more Source cves: CVE-2023-23969 Source advisory: OSV:GHSA-Q2JF-H9JM-M7P4...

7.5CVSS6.6AI score0.47102EPSS
Exploits0
osv
osv
added 2022/03/10 8:15 p.m.4 views

CVE-2021-39025

IBM Guardium Data Encryption GDE 4.0.0.0 and 5.0.0.0 could disclose internal IP address information when the web backend is down. IBM X-Force 213863...

5.3CVSS6AI score0.00575EPSS
Exploits0References2
Rows per page
Query Builder