16 matches found
DEBIAN-CVE-2026-31595
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Stop cmdhandler work in epfntbepccleanup Disable the delayed work before clearing BAR mappings and doorbells to avoid running the handler after resources have been torn down. Unable to handle kernel...
Exploit for CVE-2025-61675
FreePBX-Multiple-CVEs-2025 This repository documents three se...
CVE-2025-67513
CVE-2025-67513 affects FreePBX Endpoint Manager (module for managing telephony endpoints in FreePBX). Versions prior to 16.0.96 and 17.0.1 through 17.0.9 use a weak default 6‑digit app_password, which can be brute-forced. Depending on local configuration, this password could grant access to the e...
FreePBX SQL Injection Vulnerability (CNVD-2025-3038208)
FreePBX formerly known as Asterisk Management Portal is a set of tools from the FreePBX project for configuring Asterisk IP telephony system through a GUI web-based graphical interface. FreePBX suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered S...
CVE-2025-62173
Summary Authenticated SQL Injection Vulnerability in Endpoint Module Rest API...
CVE-2025-62173
Summary Authenticated SQL Injection Vulnerability in Endpoint Module Rest API...
FreePBX SQL注入漏洞
FreePBX formerly known as Asterisk Management Portal is a set of tools from the FreePBX project for configuring Asterisk IP telephony system through a GUI web-based graphical interface. FreePBX suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered S...
CVE-2025-62173
Summary Authenticated SQL Injection Vulnerability in Endpoint Module Rest API...
CVE-2025-62173 Authenticated SQL Injection in Endpoint Module Rest API
Summary Authenticated SQL Injection Vulnerability in Endpoint Module Rest API...
EUVD-2025-201138
Summary Authenticated SQL Injection Vulnerability in Endpoint Module Rest API...
CVE-2025-62173 Authenticated SQL Injection in Endpoint Module Rest API
Summary Authenticated SQL Injection Vulnerability in Endpoint Module Rest API...
CVE-2025-62173
CVE-2025-62173 is an authenticated SQL injection affecting the FreePBX ERP Endpoint Module Rest API. The vulnerability arises from a lack of validation of externally supplied SQL statements in the Endpoint Module Rest API, enabling an authenticated attacker to execute arbitrary SQL commands and p...
PT-2025-48999
Summary Authenticated SQL Injection Vulnerability in Endpoint Module Rest API...
Vulnerability fixed in FreePBX
FreePBX has fixed a vulnerability in versions 15, 16 and 17. The vulnerability allows attackers to gain unauthorized access and potentially execute remote code by exploiting a validation and remediation error in the processing of user-supplied input, such as in the "endpoint" module. FreePBX...
PCI: endpoint: epf-mhi: Avoid NULL dereference if DT lacks 'mmio'
...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a null pointer dereference in the PCI:endpoint:epf-mhi module when DT is missing mmio...