UBUNTU-CVE-2025-21525

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromi...

CVE-2024-6466

NEC Corporation's WebSAM DeploymentManager v6.0 to v6.80 allows an attacker to reset configurations or restart products via network with X-FRAME-OPTIONS is not specified...

CVE-2024-6466

NEC Corporation's WebSAM DeploymentManager v6.0 to v6.80 allows an attacker to reset configurations or restart products via network with X-FRAME-OPTIONS is not specified...

CVE-2024-6466

NEC Corporation's WebSAM DeploymentManager v6.0 to v6.80 allows an attacker to reset configurations or restart products via network with X-FRAME-OPTIONS is not specified...

CVE-2023-37030

A Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP Initial UE Message packet missing an expected eNBUES1APID field...

CVE-2023-37039

A Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allow network-adjacent attackers to crash the MME via an S1AP Initial UE Message packet missing an expected RRC Establishment Clause field...

CVE-2023-37036

A Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP Uplink NAS Transport packet missing an expected ENBUES1APID field...

PT-2025-4269 · Oracle · Oracle Hospitality Opera 5

Name of the Vulnerable Software and Affected Versions: Oracle Hospitality OPERA 5 versions 5.6.19.20 through 5.6.27.1 Description: This issue allows an unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5. Successful attacks can result in unauthorized...

CVE-2023-37025

A Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP Reset packet missing an expected ResetType field...

CVE-2023-37035

A Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP S1Setup Request packet missing an expected Global eNB ID field...

CVE-2023-37026

A Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP E-RAB Release Response packet missing an expected MMEUES1APID field...

CVE-2023-37027

Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP E-RAB Modification Indication packet missing an expected eNBUES1APID field...

CVE-2023-37027

CVE-2023-37027 concerns Magma’s Mobile Management Entity (MME). A null pointer dereference in Magma ≤ 1.8.0 can crash the MME when processing an S1AP “E-RAB Modification Indication” packet that omits the expected eNB_UE_S1AP_ID field. This is fixed in Magma v1.9, commit 08472ba98b8321f802e95f5622...

PT-2025-4272 · Oracle · Oracle Financial Services Behavior Detection Platform

Name of the Vulnerable Software and Affected Versions: Oracle Financial Services Behavior Detection Platform versions 8.0.8.1, 8.1.2.7, 8.1.2.8 Description: The issue is related to insufficient input validation in the Oracle Financial Services Behavior Detection Platform, allowing an...

CVE-2023-37031

A Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP eNB Configuration Transfer packet missing its required Target eNB ID field...

CVE-2023-37037

Magma's Mobile Management Entity (MME) contains a null pointer dereference in versions

PT-2025-1261 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.13.07.13 Description: A critical issue has been found in the function formSetDevNetName of the file /goform/SetDevNetName, which affects the Tenda AC15 router. The manipulation of the argument mac leads to a stack-based...

CVE-2024-8603

A “Use of a Broken or Risky Cryptographic Algorithm” vulnerability in the SSL/TLS component used in B&R Automation Runtime versions before 6.1 and B&R mapp View versions before 6.1 may be abused by unauthenticated network-based attackers to masquerade as services on impacted devices...

CVE-2025-21389

Uncontrolled resource consumption in Windows Universal Plug and Play UPnP Device Host allows an unauthorized attacker to deny service over a network...

CVE-2025-0061 Multiple vulnerabilities in SAP BusinessObjects Business Intelligence Platform

SAP BusinessObjects Business Intelligence Platform allows an unauthenticated attacker to perform session hijacking over the network without any user interaction, due to an information disclosure vulnerability. Attacker can access and modify all the data of the application...