CVE-2026-2141

A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...

CVE-2026-1736 Open5GS SGWC s11-handler.c assertion

A security vulnerability has been detected in Open5GS up to 2.7.6. Impacted is the function sgwcs11handlecreateindirectdataforwardingtunnelrequest of the file /src/sgwc/s11-handler.c of the component SGWC. Such manipulation leads to reachable assertion. The attack may be launched remotely. The...

CVE-2026-1736 Open5GS SGWC s11-handler.c assertion

A security vulnerability has been detected in Open5GS up to 2.7.6. Impacted is the function sgwcs11handlecreateindirectdataforwardingtunnelrequest of the file /src/sgwc/s11-handler.c of the component SGWC. Such manipulation leads to reachable assertion. The attack may be launched remotely. The...

CVE-2026-1586

A flaw has been found in Open5GS up to 2.7.5. Impacted is the function ogsgtp2fteidtoip of the file /sgwc/s11-handler.c of the component SGWC. Executing a manipulation can lead to denial of service. The attack may be performed from remote. The exploit has been published and may be used. It is...

CVE-2025-15539 Open5GS sgwc s11-handler.c sgwc_s11_handle_downlink_data_notification_ack denial of service

A vulnerability was determined in Open5GS up to 2.7.6. Impacted is the function sgwcs11handledownlinkdatanotificationack of the file src/sgwc/s11-handler.c of the component sgwc. This manipulation causes denial of service. The attack can be initiated remotely. The exploit has been publicly...

PT-2026-3405

Name of the Vulnerable Software and Affected Versions Open5GS versions through 2.7.6 Description A flaw exists in Open5GS that can lead to a denial of service. The issue is located in the sgwc s11 handle downlink data notification ack function within the src/sgwc/s11-handler.c file of the sgwc...

CVE-2021-2177

Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization component: Gateway. The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Secure Global...

CVE-2024-28716

An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component...

CVE-2025-2905

Due to the improper configuration of XML parser, user-supplied XML is parsed without applying sufficient restrictions, enabling XML External Entity XXE resolution in multiple WSO2 Products. A successful XXE attack could allow a remote, unauthenticated attacker to: Read sensitive files from the...

CVE-2024-28717

An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component...

CVE-2021-2177

Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization component: Gateway. The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Secure Global...

CVE-2021-20078

CVE-2021-20078 affects ManageEngine OpManager (builds below 125346). A path traversal flaw in the spark gateway component enables remote denial of service by deleting arbitrary directories on the OS. Multiple connected sources (Red Hat, CNVD, CVE registries) confirm the same description; no explo...

Oracle PeopleSoft PeopleSoft Enterprise HCM Candidate Gateway Component Has Unspecified Vulnerability

Oracle PeopleSoft Enterprise is an enterprise human capital management solution. A security vulnerability exists in the Oracle PeopleSoft Enterprise PeopleSoft Enterprise HCM Candidate Gateway component, which can be exploited by remote attackers to compromise system confidentiality...

Sun Java System Portal Server Multiple Cross Site Scripting Vulnerabilities

Sun Java System Portal Server is prone to multiple unspecified Cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Sun Java System Portal Server Multiple Cross Site Scripting Vulnerabilities

This host is running Sun Java System Portal Server and is prone to multiple unspecified Cross site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: gbsunjavasystemportalserverxssvuln.nasl 5373 2017-02-20 16:27:48Z teissa $ Sun Java System Portal Server Multiple Cross Site Scripting...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-4187

Multiple cross-site scripting XSS vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...