CVE-2026-25659 Ericsson Packet Core Gateway (PCG) - Improper handling of missing values Vulnerability

Ericsson Packet Core Gateway PCG versions prior to 1.30 contain an Improper Handling of Missing Values CWE-230 vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers...

CVE-2026-25659

Ericsson Packet Core Gateway PCG versions prior to 1.30 contain an Improper Handling of Missing Values CWE-230 vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers...

CVE-2026-25657

Ericsson Packet Core Gateway PCG versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure CWE-228 vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the...

SourceCodester Customer Review App security vulnerabilities

SourceCodester Customer Review App is an open-source customer review application developed by SourceCodester. Version 1.0 of the SourceCodester Customer Review App contains a security vulnerability. This vulnerability stems from incorrect handling of parameters name and comment in the functions...

Path Traversal

.NET Core is vulnerable to Path Traversal. The vulnerability is due to improper handling of specially crafted files, which allows an attacker to write arbitrary files and directories to unintended locations on a vulnerable system...

Exploit for Improper Handling of Length Parameter Inconsistency in Linux Linux_Kernel

CVE-2026-31635...

Drupal core SQL注入漏洞

Drupal Core is a free, open-source content management system developed in PHP by the Drupal community. Versions of Drupal Core from 8.9.0 to 10.4.10, from 10.5.0 to 10.5.10, from 10.6.0 to 10.6.9, from 11.0.0 to 11.1.10, from 11.2.0 to 11.2.12, and from 11.3.0 to 11.3.10 have SQL injection...

EUVD-2026-30846

Improper Check or Handling of Exceptional Conditions vulnerability in Samsung Open Source Escargot allows Input Data Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...

Apache OFBiz 安全漏洞

Apache OFBiz is an ERP system developed by the Apache Foundation in the United States. This system provides a complete set of Java-based web application components and tools. Versions of Apache OFBiz prior to 24.09.06 contained security vulnerabilities, which were caused by improper handling of...

PT-2026-41838

Improper Check or Handling of Exceptional Conditions vulnerability in Samsung Open Source Escargot allows Input Data Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...

Exploit for Improper Handling of Exceptional Conditions in Apache Struts

apache-struts-cve-2017-56...

OX Dovecot Pro / CE Improper Handling / Denial of Service / Bypass

OX Dovecot Pro and Ox Dovecot CE suffer from bypass, denial of service, and insecure handling vulnerabilities. Versions affected vary based on the issue...

Exploit for Improper Handling of Exceptional Conditions in Newtonsoft Json.Net

Browser + CLI Demo NuGet/C — .NET 7 Edition Why a .NET...

Akıllı E-Commerce Website SQL注入漏洞

Akıllı E-Commerce Website is an e-commerce website system developed by the Turkish company Akıllı, aimed at online retail and digital sales scenarios. Versions of Akıllı E-Commerce Website prior to 4.5.001 contained a SQL injection vulnerability. This vulnerability stemmed from improper...

Improper Handling of Exceptional Conditions

Overview @opentelemetry/exporter-prometheus is an OpenTelemetry Exporter Prometheus provides a metrics endpoint for Prometheus Affected versions of this package are vulnerable to Improper Handling of Exceptional Conditions via the PrometheusExporter process. An attacker can cause the process to...

Improper Handling of Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Handling of Exceptional Conditions through improper handling of notification delivery failures in the FlushNotifications process. An attacker can cause the service to terminate unexpectedly by supplying a crafted notifyUri that...

Improper Handling of Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Handling of Exceptional Conditions in the token revocation process. An attacker can maintain unauthorized access by using a stolen access token that was issued with no expiration, as the token cannot be invalidated through...

Improper Handling of Exceptional Conditions

Overview granian is an A Rust HTTP server for Python applications Affected versions of this package are vulnerable to Improper Handling of Exceptional Conditions through the WSGI response conversion process. An attacker can cause the worker process to abort by supplying or influencing invalid HTT...

Improper Handling of Highly Compressed Data (Data Amplification)

Overview exifreader is a Library that parses Exif metadata in images. Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification due to decompressing PNG zTXt metadata without enforcing a built-in maximum decompressed output size. When...

Security Bulletin:Werkzeug safe_join function allows path segments with Windows device names containing file extensions or trailing spaces

Summary Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.5, Werkzeug's safejoin function allows path segments with Windows device names that have file extensions or trailing spaces. On Windows, there are special device names such as CON, AUX, etc that are implicitly...