16 matches found
free5GC 安全漏洞
free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the absence of authentication middleware in the PCF NpcfSMPolicyControl component, which could allow...
CVE-2025-63560
CVE-2025-63560 affects KiloView Dual Channel 4k HDMI & 3G-SDI HEVC Video Encoder Firmware v1.20.0006. A remote attacker can cause a denial of service via the systemctrl API, System/reFactory component. Public details confirm the vulnerability and affected version; no exploit specifics are provide...
EUVD-2022-51048
Malicious code in bioql PyPI...
EUVD-2024-32751
Malicious code in bioql PyPI...
CVE-2024-4196
An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to 11.1.3.1...
CVE-2024-4196
CVE-2024-4196 – Avaya IP Office Web Control RPC/RCE issue. The vulnerability stems from improper input validation in the Web Control component of Avaya IP Office, enabling remote code execution via a crafted web request. Affected products: Avaya IP Office (Web Control) prior to version 11.1.3.1. ...
Avaya IP Office Security Breach
Avaya IP Office is a small business phone system from Avaya USA. A security vulnerability exists in Avaya IP Office versions prior to 11.1.3.1, which originated from a vulnerability that allows remote commands or code to be executed via a specially crafted web request to the web control component...
CVE-2018-25093 Vaerys-Dawn DiscordSailv2 Tag access control
A vulnerability was found in Vaerys-Dawn DiscordSailv2 up to 2.10.2. It has been rated as critical. Affected by this issue is some unknown functionality of the component Tag Handler. The manipulation leads to improper access controls. Upgrading to version 2.10.3 is able to address this issue. The...
CVE-2022-48349
The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and availability...
CVE-2022-48349
The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and availability...
Spoofing
The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and availability...
CVE-2022-48349
The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and availability...
CVE-2022-48349
The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and availability...
CVE-2022-48349
CVE-2022-48349 affects Huawei HarmonyOS: a spoofing vulnerability in the control component may compromise confidentiality and availability. CVSS v3.1 base score 9.1 (CRITICAL); attack vector NETWORK, complexity LOW, privileges NONE, user interaction NONE, with CONFIDENTIALITY and AVAILABILITY imp...
PT-2023-15725 · Huawei · Emui +1
Name of the Vulnerable Software and Affected Versions: Control component affected versions not specified Description: The issue is related to a spoofing vulnerability in the control component. Successful exploitation of this vulnerability may impact confidentiality and availability...
WebLogic WLS core components deserialization Vulnerability, CVE-2018-2628-a vulnerability warning-the black bar safety net
Vulnerability/event summary Beijing Time 4 month 18 days morning, Oracle officially released 4 months a critical patch update CPU CriticalPatchUpdate,which contains a high risk of the Weblogic deserialization VulnerabilityCVE-2018-2628, by the vulnerability, the attacker may unauthorized remote...