70 matches found
CVE-2026-44315
The CVE describes a vulnerability in free5GC NEF where the 3gpp-pfd-management API is mounted without inbound OAuth2/bearer-token authorization prior to version 4.2.2. An attacker reachable on the SBI can forge Bearer tokens to create, read, and delete PFD-management transactions, with these acti...
CVE-2026-2284
The News Element Elementor Blog Magazine plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.8. This is due to a missing capability check and nonce verification on the 'necleandata' AJAX action. This makes it possible for authenticated attackers,...
Malicious Package
Overview ne-captcha is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious code in near_wildebeest_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1acc5e993378da6abaedc0f74708bf147a4580e59e4f2a26666eee7781cc371a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
NEOJAPAN desknets NEO 安全漏洞
NEOJAPAN desknets NEO is a large network group collaboration software from NEOJAPAN Japan. A security vulnerability exists in NEOJAPAN desknets NEO versions V4.0R1.0 through V9.0R2.0, which stems from improper protection of alternate paths and could lead to the creation of malicious AppSuite...
CVE-2021-26751
NeDi 1.9C allows an authenticated user to perform a SQL Injection in the Monitoring History function on the endpoint /Monitoring-History.php via the det HTTP GET parameter. This allows an attacker to access all the data in the database and obtain access to the NeDi application...
MAL-2024-11403 Malicious code in ne-captcha (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in ne-captcha (npm)
--- -= Per source details. Do not edit below this line.=-...
ne-tu.de Cross Site Scripting vulnerability OBB-3831815
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-22618
If Security Hardening guide rules are not followed, then Nokia WaveLite products allow a local user to create new users with administrative privileges by manipulating a web request. This affects for example WaveLite Metro 200 and Fan, WaveLite Metro 200 OPS and Fans, WaveLite Metro 200 and F2B...
aziz.sakura.ne.jp Cross Site Scripting vulnerability OBB-3510257
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
ne-tu.de Cross Site Scripting vulnerability OBB-3265577
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
ne-tu.de Cross Site Scripting vulnerability OBB-3157309
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2022-5438 · Moxa · Moxa Ne-4100T
Name of the Vulnerable Software and Affected Versions: Moxa NE-4100T affected versions not specified Description: The issue is related to insufficient authentication procedure in the firmware of the Moxa NE-4100T serial interface converter. It allows a remote attacker to potentially elevate their...
cgi.www5b.biglobe.ne.jp Cross Site Scripting vulnerability OBB-2914544
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
new packages: hunspell-ne
An update is available for hunspell-ne. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
Out-of-bounds Read in r_bin_ne_get_entrypoints function
Description Out-of-bounds OOB read vulnerability exists in rbinnegetentrypoints function in Radare2 5.6.7 Version bash radare2 5.6.7 27777 @ linux-x86-64 git.5.6.6 commit: 0c4af43def68ce29f7a74847bb1b7286da155200 build: 2022-04-1008:53:32 Analysis The vulnerability exists due to the invalid type...
CVE-2022-1238
Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see CWE...
UBUNTU-CVE-2022-1238
Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see CWE...
radare2 缓冲区错误漏洞
Radare2 is a set of libraries and tools for working with binary files. Radare2 is vulnerable to a buffer overflow vulnerability that originates in libr/bin/format/ne/ne.c when executing operations on memory that do not properly validate data boundaries. An attacker could exploit this vulnerabilit...