CVE-2026-42459

CVE-2026-42459 documents an improper input validation flaw in free5GC UDM: the SDM (nudm-sdm) service does not validate the SUPI parameter in six GET handlers, allowing an unauthenticated attacker to inject control characters into SUPI. This can cause UDM to forward a malformed URL to UDR and ret...

CVE-2024-31844

An issue was discovered in Italtel Embrace 1.6.4. The server does not properly handle application errors. In some cases, this leads to a disclosure of information about the server. An unauthenticated user is able craft specific requests in order to make the application generate an error. Inside a...

CVE-2023-20609

In ccu, there is a possible out of bounds read due to a logic error. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07570864; Issue ID: ALPS07570864...

Information Disclosure

chromium is vulnerable to information disclosure. The vulnerability exists due to a use-after-free error within UI framework in Google Chrome. A remote attacker can trick the victim into visiting a specially crafted web page, trigger a use-after-free error and gain access to sensitive information...

Discuz! trade.php 数据库'注射'漏洞

文件trade.php: $message = trim$message; if$message $message = daddslashes$tradelog'message', 1."\t\t\t".$discuzuid."\t".$discuzuser."\t".$timestamp."\t".nl2brstriptagssubstr$message, 0, 200; //$message用substr处理了下,取前200个字符 else $message = daddslashes$tradelog'message', 1; $db-query"UPDATE...