
303 matches found

OSV
added 2025/06/05 8:15 a.m. · 3 views

CVE-2025-5645

A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. Attacking locally is a requirement. The complexity of ...

2 CVSS · 7 AI score
Exploits: 0 · References: 7

Positive Technologies
added 2025/06/03 12:0 a.m. · 2 views

PT-2025-23656 · Open5Gs · Open5Gs

Name of the Vulnerable Software and Affected Versions: Open5GS versions up to 2.7.3 Description: A vulnerability was found in the function gmm_state_authentication/emm_state_authentication of the component AMF/MME. The manipulation leads to reachable assertion. It is possible to launch the attack...

6.9 CVSS · 5.1 AI score · 0.00482 EPSS
Exploits: 1 · References: 12

Positive Technologies
added 2025/06/02 12:0 a.m. · 3 views

PT-2025-23502 · Nekernal · Nekernal

Name of the Vulnerable Software and Affected Versions: NeKernal version 0.0.2 Description: NeKernal is a free and open-source operating system stack. It has a 1-byte heap overflow in the rt_copy_memory function, which unconditionally writes a null terminator at dst[len]. When len equals the size of...

8.6 CVSS · 7 AI score · 0.00112 EPSS
Exploits: 0 · References: 10

Positive Technologies
added 2025/05/27 12:0 a.m. · 1 views

PT-2025-27715

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.13.0-rc3-syzkaller-gdfa94ce54f41 Description: A use-after-free issue has been identified in the Linux kernel, specifically in the page_pool_recycle_in_ring function. This issue was reported by syzbot and is...

7.8 CVSS · 6.4 AI score · 0.00063 EPSS
Exploits: 0

RedhatCVE
added 2025/05/23 10:30 a.m. · 4 views

CVE-2024-8135

A vulnerability classified as critical has been found in Go-Tribe gotribe up to cd3ccd32cd77852c9ea73f986eaf8c301cfb6310. Affected is the function Sign of the file pkg/token/token.go. The manipulation of the argument config.key leads to hard-coded credentials. Continuous delivery with rolling...

9.8 CVSS · 7.1 AI score · 0.00159 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 9:48 a.m. · 5 views

CVE-2024-34354

CMSaaSStarter is a SaaS template/boilerplate built with SvelteKit, Tailwind, and Supabase. Any forks of the CMSaaSStarter template before commit 7904d416d2c72ec75f42fbf51e9e64fa74062ee6 are impacted. The issue is the user JWT Token is not verified on server session. You should take the patch...

6.5 CVSS · 6.5 AI score · 0.00186 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 7:18 a.m. · 6 views

CVE-2024-8334

A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been rated as problematic. This issue affects the function LogHandler of the file middleware/log.go. The manipulation leads to improper output neutralization for logs. The attack may be...

8.1 CVSS · 8.2 AI score · 0.00256 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 3:37 a.m. · 5 views

CVE-2023-2862

A vulnerability, which was classified as problematic, was found in SiteServer CMS up to 7.2.1. Affected is an unknown function of the file /api/stl/actions/search. The manipulation of the argument ajaxDivId leads to cross site scripting. It is possible to launch the attack remotely. The exploit h...

6.1 CVSS · 6.1 AI score · 0.00586 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/23 1:20 a.m. · 9 views

CVE-2022-3783

A vulnerability, which was classified as problematic, has been found in node-red-dashboard. This issue affects some unknown processing of the file components/ui-component/ui-component-ctrl.js of the component ui_text Format Handler. The manipulation leads to cross site scripting. The attack may be...

6.1 CVSS · 6.2 AI score · 0.00315 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/23 12:46 a.m. · 6 views

CVE-2022-4773

UNSUPPORTED WHEN ASSIGNED A vulnerability classified as problematic was found in cloudsync. Affected by this vulnerability is the function getItem of the file src/main/java/cloudsync/connector/LocalFilesystemConnector.java. The manipulation leads to path traversal. It is possible to launch the...

3.3 CVSS · 6.8 AI score · 0.0014 EPSS
Exploits: 1

RedhatCVE
added 2025/05/22 11:23 p.m. · 5 views

CVE-2022-3950

A vulnerability, which was classified as problematic, was found in sanluan PublicCMS. Affected is the function initLink of the file dwz.min.js of the component Tab Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is...

6.1 CVSS · 6.3 AI score · 0.00224 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 10:36 p.m. · 4 views

CVE-2022-4494

A vulnerability, which was classified as critical, has been found in bspkrs MCPMappingViewer. Affected by this issue is the function extractZip of the file src/main/java/bspkrs/mmv/RemoteZipHandler.java of the component ZIP File Handler. The manipulation leads to path traversal. The attack may be...

9.8 CVSS · 6.9 AI score · 0.00789 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 10:10 p.m. · 4 views

CVE-2022-3957

A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svg_parse_preserveaspectratio of the file scenegraph/svg_attributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the...

6.5 CVSS · 6.8 AI score · 0.01038 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 6:51 p.m. · 7 views

CVE-2021-4257

A vulnerability was found in ctrlo lenio. It has been declared as problematic. This vulnerability affects unknown code of the file views/task.tt of the component Task Handler. The manipulation of the argument site.org.name/check.name/task.tasktype.name/task.name leads to cross site scripting. The...

6.1 CVSS · 6.5 AI score · 0.00307 EPSS
Exploits: 0

RedhatCVE
added 2025/05/22 3:34 p.m. · 9 views

CVE-2020-36638

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Chris92de AdminServ. It has been rated as problematic. This issue affects some unknown processing of the file resources/core/adminserv.php. The manipulation of the argument error leads to cross site scripting. The attack may be initiated...

6.1 CVSS · 6.3 AI score · 0.00246 EPSS
Exploits: 0

RedhatCVE
added 2025/05/22 12:14 p.m. · 5 views

CVE-2012-10003

A vulnerability, which was classified as problematic, has been found in ahmyi RivetTracker. This issue affects some unknown processing. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. The attack may be initiated remotely. The patch is named...

6.1 CVSS · 6.3 AI score · 0.00549 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 10:47 a.m. · 8 views

CVE-2017-20173

A vulnerability was found in AlexRed contentmap. It has been rated as critical. Affected by this issue is the function Load of the file contentmap.php. The manipulation of the argument contentid leads to sql injection. The name of the patch is dd265d23ff4abac97422835002c6a47f45ae2a66. It is...

9.8 CVSS · 7.6 AI score · 0.00297 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 12:44 a.m. · 4 views

CVE-2015-10045

A vulnerability, which was classified as critical, was found in tutrantta projecttodolist. Affected is the function getAffectedRows/where/insert/update in the library library/Database.php. The manipulation leads to sql injection. The name of the patch is 194a0411bbe11aa4813f13c66b9e8ea403539141. ...

9.8 CVSS · 7.6 AI score · 0.00297 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 12:43 a.m. · 4 views

CVE-2015-10024

A vulnerability classified as critical was found in hoffie larasync. This vulnerability affects unknown code of the file repository/content/filestorage.go. The manipulation leads to path traversal. The name of the patch is 776bad422f4bd4930d09491711246bbeb1be9ba5. It is recommended to apply a pat...

9.8 CVSS · 7.2 AI score · 0.00739 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 12:39 a.m. · 4 views

CVE-2015-10044

A vulnerability classified as critical was found in gophergala sqldump. This vulnerability affects unknown code. The manipulation leads to sql injection. The patch is identified as 76db54e9073b5248b8863e71a63d66a32d567d21. It is recommended to apply a patch to fix this issue. VDB-218350 is the...

9.8 CVSS · 7.5 AI score · 0.00297 EPSS
Exploits: 0 · References: 1