cramfs-tools 路径遍历漏洞

cramfs-tools is a compression read-only file system tool developed by Nicolas Pitre. Versions of cramfs-tools 2.1 and earlier contained a path traversal vulnerability, which originated from a function in the Directory Handler component called dodirectory in the cramfsck.c file, which allowed for...

PT-2026-39903

Name of the Vulnerable Software and Affected Versions bird-lg-go versions prior to 1.4.5 Description The apiHandler and webHandlerTelegramBot functions process user-provided JSON payloads using json.NewDecoderr.Body.Decode&request without restricting the maximum read size. An unauthenticated remo...

Linux Distros Unpatched Vulnerability : CVE-2026-5246

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384...

Cisco Unity Connection Remote Code Execution Vulnerability (regreSSHion) (cisco-sa-openssh-rce-2024)

According to its self-reported version, Cisco Unity Connection is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Unity Connection due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime seconds, after...

CVE-2026-8248

A vulnerability was detected in Open5GS up to 2.7.7. The affected element is the function updateauthorizedpccruleandqos of the file /src/smf/npcf-handler.c of the component SMF. The manipulation results in denial of service. The attack may be launched remotely. The exploit is now public and may b...

CVE-2026-8251

A vulnerability was found in Open5GS up to 2.7.7. This impacts the function updateauthorizedpccruleandqos of the file /src/smf/npcf-handler.c of the component SMF. Performing a manipulation results in denial of service. The attack is possible to be carried out remotely. The exploit has been made...

CVE-2026-8251

A vulnerability was found in Open5GS up to 2.7.7. This impacts the function updateauthorizedpccruleandqos of the file /src/smf/npcf-handler.c of the component SMF. Performing a manipulation results in denial of service. The attack is possible to be carried out remotely. The exploit has been made...

CVE-2026-8249

Open5GS up to version 2.7.7 is affected. The vulnerable element is the function update_authorized_pcc_rule_and_qos in file /src/smf/npcf-handler.c (SMF component). The issue allows remote denial of service through manipulation described in the CVE, with exploitation possible and an exploit publis...

CVE-2026-8248

A vulnerability was detected in Open5GS up to 2.7.7. The affected element is the function updateauthorizedpccruleandqos of the file /src/smf/npcf-handler.c of the component SMF. The manipulation results in denial of service. The attack may be launched remotely. The exploit is now public and may b...

CVE-2026-8248

CVE-2026-8248 affects Open5GS up to 2.7.7, specifically the SMF component. The issue is in the function update_authorized_pcc_rule_and_qos within /src/smf/npcf-handler.c and results in a denial of service . The vulnerability can be exploited remotely; the exploit is public. No remediation details...

CVE-2026-8248 Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qos denial of service

A vulnerability was detected in Open5GS up to 2.7.7. The affected element is the function updateauthorizedpccruleandqos of the file /src/smf/npcf-handler.c of the component SMF. The manipulation results in denial of service. The attack may be launched remotely. The exploit is now public and may b...

CVE-2021-47930 Balbooa Joomla Forms Builder 2.0.6 SQL Injection Unauthenticated

Balbooa Joomla Forms Builder 2.0.6 contains an unauthenticated SQL injection vulnerability in the form submission handler that allows remote attackers to execute arbitrary SQL queries. Attackers can send POST requests to the combaforms component with malicious JSON payloads in the 'id' field...

CVE-2021-47930

Balbooa Joomla Forms Builder 2.0.6 is affected by an unauthenticated SQL injection in the form submission handler. The vulnerability can be triggered by sending POST requests to the com_baforms component with malicious JSON payloads in the 'id' field, enabling remote attackers to extract sensitiv...

EUVD-2026-28988

A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulation results in os command injection. The exploit is now public and may be used. The patch is...

CVE-2026-8235

A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulation results in os command injection. The exploit is now public and may be used. The patch is...

CVE-2026-8235

A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulation results in os command injection. The exploit is now public and may be used. The patch is...

CVE-2026-8222

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcfnbsfmanagementhandleregister of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such manipulation leads to denial of service. The attack may be performed from remote. The exploit has been...

EUVD-2026-28949

A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this issue is the function GDSDfldsrch of the file frmts/hdf4/hdf-eos/GDapi.c of the component Grid File Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit h...

EUVD-2026-28947

A vulnerability was detected in codelibs Fess up to 15.5.1. Affected by this issue is the function update of the file org/codelibs/fess/app/web/admin/design/AdminDesignAction.java of the component JSP File Handler. The manipulation of the argument content results in code injection. The attack may...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the GDSDfldsrch function of the Grid File Handler component. An attacker can execute arbitrary code or cause a denial of service by supplying crafted input that triggers a heap-based buffer overflow during...