Lucene search
K

22178 matches found

Packet Storm News
Packet Storm News
added 2026/02/02 12:0 a.m.5 views

Yii Framework 2.0.9 Reflected Cross Site Scripting

A reflected cross site scripting vulnerability exists in Yii Framework version 2.0.9 and earlier versions before 2.0.14. The vulnerability exists in the error handler component. This issue is older research added to the archive...

7.5CVSS4.9AI score0.02913EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.11 views

PT-2026-5589

A security vulnerability has been detected in Open5GS up to 2.7.6. Impacted is the function sgwc s11 handle create indirect data forwarding tunnel request of the file /src/sgwc/s11-handler.c of the component SGWC. Such manipulation leads to reachable assertion. The attack may be launched remotely...

6.9CVSS5.5AI score0.00609EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.3 views

PT-2026-5590

A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function sgwc s5c handle create bearer request of the file /src/sgwc/s5c-handler.c of the component CreateBearerRequest Handler. Performing a manipulation results in reachable assertion. Remote exploitation of the...

6.9CVSS5.8AI score0.00492EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.12 views

PT-2026-5588

A weakness has been identified in Yealink MeetingBar A30 133.321.0.3. This issue affects some unknown processing of the component Diagnostic Handler. This manipulation causes command injection. It is feasible to perform the attack on the physical device. The exploit has been made available to the...

4.6CVSS5.6AI score0.01067EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.7 views

Yealink MeetingBar A30 命令注入漏洞

The Yealink MeetingBar A30 is a video conference terminal produced by the Chinese company Yealink. The Yealink MeetingBar A30 version 133.321.0.3 has a command injection vulnerability. This vulnerability stems from certain unknown processing steps in the Diagnostic Handler component, which may le...

4.6CVSS5.8AI score0.01067EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/31 3:21 p.m.6 views

CVE-2026-1684

A vulnerability was found in Free5GC SMF up to 4.1.0. Affected by this issue is the function HandleReports of the file /internal/context/pfcpreports.go of the component PFCP UDP Endpoint. The manipulation results in denial of service. The attack can be executed remotely. It is advisable to...

7.5CVSS5.7AI score0.00504EPSS
Exploits1References1
NVD
NVD
added 2026/01/31 12:16 p.m.10 views

CVE-2025-71180

In the Linux kernel, the following vulnerability has been resolved: counter: interrupt-cnt: Drop IRQFNOTHREAD flag An IRQ handler can either be IRQFNOTHREAD or acquire spinlockt, as CONFIGPROVERAWLOCKNESTING warns: ============================= BUG: Invalid wait context 6.18.0-rc1+git... 1...

5.5CVSS0.00149EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/31 12:30 a.m.6 views

EUVD-2020-30947

FTPDummy 4.80 contains a local buffer overflow vulnerability in its preference file handling that allows attackers to execute arbitrary code. Attackers can craft a malicious preference file with carefully constructed shellcode to trigger a structured exception handler overwrite and execute system...

8.4CVSS6.3AI score0.00157EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/30 10:7 p.m.4 views

CVE-2020-37029 FTPDummy 4.80 - Local Buffer Overflow

FTPDummy 4.80 contains a local buffer overflow vulnerability in its preference file handling that allows attackers to execute arbitrary code. Attackers can craft a malicious preference file with carefully constructed shellcode to trigger a structured exception handler overwrite and execute system...

8.4CVSS6AI score0.00157EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/30 10:7 p.m.21 views

CVE-2020-37029 FTPDummy 4.80 - Local Buffer Overflow

FTPDummy 4.80 contains a local buffer overflow vulnerability in its preference file handling that allows attackers to execute arbitrary code. Attackers can craft a malicious preference file with carefully constructed shellcode to trigger a structured exception handler overwrite and execute system...

8.4CVSS0.00157EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/30 10:7 p.m.4 views

CVE-2019-25232

NetPCLinker 1.0.0.0 contains a buffer overflow vulnerability in the Clients Control Panel DNS/IP field that allows attackers to execute arbitrary shellcode. Attackers can craft a malicious payload in the DNS/IP input to overwrite SEH handlers and execute shellcode when adding a new client...

9.8CVSS6.3AI score0.00439EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/30 10:7 p.m.3 views

CVE-2019-25232 NetPCLinker 1.0.0.0 - Buffer Overflow

NetPCLinker 1.0.0.0 contains a buffer overflow vulnerability in the Clients Control Panel DNS/IP field that allows attackers to execute arbitrary shellcode. Attackers can craft a malicious payload in the DNS/IP input to overwrite SEH handlers and execute shellcode when adding a new client...

9.8CVSS6.1AI score0.00439EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/30 3:40 p.m.15 views

CVE-2026-1586

A flaw has been found in Open5GS up to 2.7.5. Impacted is the function ogsgtp2fteidtoip of the file /sgwc/s11-handler.c of the component SGWC. Executing a manipulation can lead to denial of service. The attack may be performed from remote. The exploit has been published and may be used. It is...

7.5CVSS5.4AI score0.0051EPSS
Exploits1References1
OSV
OSV
added 2026/01/30 2:16 p.m.3 views

CVE-2026-1683

A vulnerability has been found in Free5GC SMF up to 4.1.0. Affected by this vulnerability is the function HandlePfcpSessionReportRequest of the file internal/pfcp/handler/handler.go of the component PFCP. The manipulation leads to denial of service. Remote exploitation of the attack is possible...

7.5CVSS4.9AI score
Exploits0References8
OSV
OSV
added 2026/01/30 12:28 p.m.6 views

OESA-2026-1274 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data.CVE-2026-24515...

2.9CVSS5.9AI score0.0017EPSS
Exploits0References2
OSV
OSV
added 2026/01/30 12:28 p.m.6 views

OESA-2026-1272 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data.CVE-2026-24515...

2.9CVSS5.9AI score0.0017EPSS
Exploits0References2
OSV
OSV
added 2026/01/30 12:28 p.m.9 views

OESA-2026-1264 thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: Use-after-free in the WebRTC: Signaling component. This vulnerability affects Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6.CVE-2025-14321 Sandbox escape due to incorrect boundary conditions in...

9.8CVSS6AI score0.0057EPSS
Exploits2References24
SUSE CVE
SUSE CVE
added 2026/01/30 12:25 a.m.5 views

SUSE CVE-2026-23014

In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimertrytocancel in perfsweventcancelhrtimer it appears possible for the hrtimer to still be active by the time the event gets freed. Make sure the event doe...

7.8CVSS5.8AI score0.00116EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/30 12:0 a.m.5 views

free5GC security vulnerabilities

Free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of Free5GC 4.1.0 and earlier contain security vulnerabilities. These vulnerabilities stem from improper handling in the HandleReports function within the PFCP UDP Endpoint component, located in the...

7.5CVSS6.1AI score0.00504EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/01/30 12:0 a.m.6 views

PT-2026-5467

Port Forwarding Wizard 4.8.0 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code through a long request in the Register feature. Attackers can craft a malicious payload with an egg tag and overwrite SEH handlers to potentially execute shellcode on...

8.4CVSS6.4AI score0.00157EPSS
Exploits0References4
Rows per page
Query Builder