19189 matches found
PT-2025-41984
Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
PT-2025-41977
Name of the Vulnerable Software and Affected Versions AOS-8 Controller/Mobility Conductor affected versions not specified Description An authenticated command injection flaw exists in the Command Line Interface CLI binary. Exploitation allows an attacker with valid credentials to execute arbitrar...
PT-2025-41976
Name of the Vulnerable Software and Affected Versions AOS-10 GW affected versions not specified AOS-8 Controller/Mobility Conductor affected versions not specified Description An arbitrary file write issue exists in the web-based management interface. Successful exploitation could allow an...
PT-2025-41979
Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system...
CVE-2025-0636 Arbitrary Code Execution vulnerability in Ericsson RAN Compute and Site Controller
EMCLI contains a high severity vulnerability where improper neutralization of special elements used in an OS command could be exploited leading to Arbitrary Code Execution...
CVE-2025-0636
CVE-2025-0636 affects Ericsson RAN Compute and Ericsson Site Controller (EMCLI). The issue is a high-severity vulnerability arising from improper neutralization of special elements used in an OS command, potentially enabling Arbitrary Code Execution. The publicly documented details across multipl...
CVE-2025-60268
An arbitrary file upload vulnerability exists in JeeWMS 20250820, which is caused by the lack of file checking in the saveFiles function in /jeewms/cgUploadController.do. An attacker with normal privileges was able to upload a malicious file that would lead to remote code execution...
Ericsson RAN Compute和Ericsson Site Controller 6610 安全漏洞
Ericsson RAN Compute and Ericsson Site Controller 6610 are both products of Ericsson, a Swedish company.Ericsson RAN Compute is a cloud-native software solution for handling computing functions in a RAN.Ericsson Site Controller 6610 is an intelligent power management controller for site...
PT-2025-46754
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to device minor number handling. Specifically, the device minor number is cleared after the device is released, which is incorrect. This issue...
CVE-2025-11581
A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicl...
PowerJob OpenAPIController is missing authorization
A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicl...
CVE-2025-11554
A security vulnerability has been detected in Portabilis i-Educar up to 2.9.10. Affected by this issue is some unknown functionality of the file app/Http/Controllers/AccessLevelController.php of the component User Type Handler. The manipulation leads to insecure inherited permissions. The attack...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via multiple APIs in OpenAPIController. An attacker can gain unauthorized access to sensitive information by sending crafted requests to the endpoints. Remediation There is no fixed version for...
CVE-2025-11581
A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicl...
EUVD-2025-33761
An arbitrary file upload vulnerability exists in JeeWMS 20250820, which is caused by the lack of file checking in the saveFiles function in /jeewms/cgUploadController.do. An attacker with normal privileges was able to upload a malicious file that would lead to remote code execution...
CVE-2025-60269
JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main/java/org/jeecgframework/web/cgreport/controller/excel/CgExportExcelController.java file...
CVE-2025-60269
JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main/java/org/jeecgframework/web/cgreport/controller/excel/CgExportExcelController.java file...
PT-2025-41576
Name of the Vulnerable Software and Affected Versions JEEWMS version 20250820 Description The software is susceptible to a SQL Injection issue within the exportXls function. This function is located in the file...
CVE-2025-60269
JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main/java/org/jeecgframework/web/cgreport/controller/excel/CgExportExcelController.java file...
PT-2025-46641
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the drm/xe/guc subsystem. Specifically, the issue relates to the handling of exec queue deregistration when the GuC Graphics Unit Controller is no...