43 matches found
CVE-2026-44324 free5GC: UDR nudr-dr DELETE amf-subscriptions panics on missing UE state via nil interface type assertion (single authenticated request)
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/ueId/servingPlmnId/ee-subscriptions/subsId/amf-subscriptions handler panics on a single authenticated request against a fresh UDR instance when the supplied ueId does n...
Joplin 信息泄露漏洞
Joplin is an open-source note-taking and to-do application developed by Laurent Cozic. Joplin versions 3.5.2 and earlier contained a vulnerability that led to information leakage. This vulnerability originated from a logical error in the delta API, allowing recipients of shared notes to download...
Google Chrome Security Bypass Vulnerability (CNVD-2026-11754)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that originates from a security user interface error in split-screen view, which can be exploited by an attacker to bypass security restrictions...
EUVD-2017-17761
Malware in sbrugna...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mishandling of the acpidscallcontrolmethod function error, which could lead to reuse after release...
MAL-2025-39307 Malicious code in wind-interface-error-sed-char (npm)
The package wind-interface-error-sed-char was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2024-43818
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: Adjust error handling in case of absent codec device acpigetfirstphysicalnode can...
Dust: Unauthorized Table Creation by Member
A member user was able to create tables inside restricted company data spaces, despite the UI indicating that only workspace builders admins should be allowed. The "Add Data" button appeared disabled in the UI, but it was still interactable and functional, allowing the member to successfully crea...
CVE-2025-26643
The UI performs the wrong action in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
Intel Server S2600BPBR 输入验证错误漏洞
Intel Server S2600BPBR is a server motherboard from Intel Corporation USA. The Intel Server S2600BPBR UEFI suffers from an input validation error vulnerability that stems from improper input validation. An attacker can exploit the vulnerability to elevate privileges...
CVE-2024-34537
TYPO3 before 13.3.1 allows denial of service interface error in the Bookmark Toolbar ext:backend, exploitable by an administrator-level backend user account via manipulated data saved in the bookmark toolbar of the backend user interface. The fixed versions are 10.4.46 ELTS, 11.5.40 LTS, 12.4.21...
TYPO3 10.0.0 < 10.4.46 ELTS / 11.0.0 < 11.5.40 / 12.0.0 < 12.4.21 / 13.0.0 < 13.3.1 (TYPO3-CORE-SA-2024-011)
The version of TYPO3 installed on the remote host is prior to 10.0.0 10.4.46 ELTS / 11.0.0 11.5.40 / 12.0.0 12.4.21 / 13.0.0 13.3.1. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2024-011 advisory. - Due to insufficient input validation, manipulated data saved i...
The vulnerability of the Google Chrome browser’s Navigation function, which allows attackers to perform spoofing attacks
The vulnerability of the Google Chrome browser’s Navigation function is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to carry out spoofing attacks using a specially created HTML page...
The vulnerability of the MSHTML platform in Microsoft Windows operating systems allows a hacker to execute a spoofing attack.
The vulnerability of the MSHTML platform in Microsoft Windows systems is related to errors in information representation by the user interface. Exploiting this vulnerability can allow a remote attacker to perform a spoofing attack...
The vulnerability of Microsoft Edge browser on Android, related to information representation errors in the user interface, allows a hacker to perform a spear-phishing attack.
The vulnerability of Microsoft Edge browser on Android is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform a spear-phishing attack...
The vulnerability of the Microsoft Dynamics 365 resource planning software, related to errors in the user interface’s information presentation, allows a perpetrator to carry out spear-phishing attacks.
The vulnerability of the Microsoft Dynamics 365 resource planning software is related to errors in information presentation at the user interface level. Exploiting this vulnerability allows an attacker to carry out spear-phishing attacks remotely...
The vulnerability of Microsoft Edge browser on Android, related to information representation errors in the user interface, allows a hacker to perform a spear-phishing attack.
The vulnerability of Microsoft Edge browser on Android is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform a spear-phishing attack...
The vulnerability of Themes component in the Windows operating system, which allows a hacker to disclose protected information
The vulnerability of Themes component in the Windows operating system is related to information representation errors in the user interface. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by the system...
The vulnerability of Windows operating system DNS servers, which allows attackers to perform spoofing attacks
The vulnerability of DNS servers in Windows operating systems is related to errors in information representation by the user interface. Exploiting this vulnerability can allow a malicious actor to perform spoofing attacks remotely...
The vulnerability of the Jupyter extension in Microsoft Visual Studio’s software development environment allows attackers to perform spear-phishing attacks.
The vulnerability of the Jupyter extension in Microsoft Visual Studio relates to errors in information presentation on the user interface. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks...