CVE-2026-22789 WebErpMesv2 has a File Upload Validation Bypass Leading to RCE
WebErpMesv2 is a web-based resource management and manufacturing execution system for industry. Prior to 1.19, WebErpMesv2 contains a file upload validation bypass vulnerability in multiple controllers that allows authenticated users to upload arbitrary files, including PHP scripts, leading to Remote...
GHSA-CQVV-R3G3-26RF free5GC udm vulnerable to Invalid Curve Attack
pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. An attacker can send arbitrary SUCIs to the UDM, which tries to decrypt them via both its...
CVE-2023-46324
pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. An attacker can send arbitrary SUCIs to the UDM, which tries to decrypt them via both its...
PT-2022-11523 · Ping Identity · Pingid Android App +1
Name of the Vulnerable Software and Affected Versions: PingID Android app versions prior to 1.19 Description: The issue is related to a misconfiguration of RSA in the PingID Android app, which makes it vulnerable to pre-computed dictionary attacks. This vulnerability can lead to an offline MFA...
PYSEC-2021-856
Null Pointer Dereference vulnerability exists in numpy.sort in NumPy < and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays...
DBD-Firebird Stack Buffer Overflow Vulnerability
DBD-Firebird is the Firebird Foundation of an open source cross-platform relational database system. The system supports database server operation in multi-user environments, provides an embedded database implementation, and so on. A stack buffer overflow vulnerability exists in...