CVE-2026-27642

free5gc UDM provides Unified Data Management UDM for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, remote attackers can inject control characters e.g., %00 into the supi parameter, triggering internal URL parsing errors net/url:...

CVE-2026-27642 free5GC has Improper Input Validation in UDM UEAU Service

free5gc UDM provides Unified Data Management UDM for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, remote attackers can inject control characters e.g., %00 into the supi parameter, triggering internal URL parsing errors net/url:...

CVE-2025-69253

Summary: CVE-2025-69253 affects free5GC UDR (versions up to 1.4.1) with improper error handling in NEF that exposes internal parsing error details to remote clients, enabling service fingerprinting. The vulnerability specifically impacts deployments using the Nnef_PfdManagement service. The root ...

CVE-2025-69253 free5GC vulnerable to improper error handling in NEF with information exposure

free5GC is an open-source project for 5th generation 5G mobile core networks. Versions up to and including 1.4.1 of the User Data Repository are affected by Improper Error Handling with Information Exposure. The NEF component reliably leaks internal parsing error details e.g., invalid character '...

CVE-2025-69248

free5GC is an open-source project for 5th generation 5G mobile core networks. Versions up to and including 1.4.1 of free5GC's AMF service have a Buffer Overflow vulnerability leading to Denial of Service. Remote unauthenticated attackers can crash the AMF service by sending a specially crafted NA...

PT-2022-17905 · Undefined · Undefined

ParsedReport 19-12-2022 Veeam Fixes Critical Vulnerabilities in Backup & Replication Software CVE-2022-26500 & CVE-2022-26501 https://socradar.io/veeam-fixes-critical-vulnerabilities-in-backup-replication-software-cve-2022-26500-cve-2022-26501 Threats: Monti Yanluowang Empire loader CVEs:...

Ongoing Exploitation of Windows Installer CVE-2021-41379

CVE | Vendor Advisory | AttackerKB | IVM Content | Patching Urgency | Last Update ---|---|---|---|---|--- CVE-2021-41379 | Microsoft Advisory | AttackerKB | Scheduled when patched | ASAP when released | December 3, 2021 3:00 PM ET See the Updates section at the end of this post for new informatio...

Exploit for CVE-2021-2109

CVE-2021-2109: WebLogic Server Remote Code Execution Vulnerabili...

PT-2018-1311 · Microsoft +3 · Ie +5

Name of the Vulnerable Software and Affected Versions: Microsoft Windows VBScript Engine versions prior to the fixed version Description: A remote code execution issue exists in the way the VBScript engine handles objects in memory. This allows remote attackers to execute arbitrary code and affec...

CVE-2017-0283: Windows Uniscribe remote code execution vulnerability analysis-vulnerability warning-the black bar safety net

The last“patch Tuesday”to fix the one named“USP10! MergeLigRecords in Windows Uniscrible font processing heap broken ring”RCE vulnerability. Many days after the Google Project Zero team of Mateusz Jurczyk released a PoC of the report. In the Windows of the library at the same time the presence of...

SEC Consult SA-20140716-0 :: Multiple SSRF vulnerabilities in Alfresco Community Edition

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory 20140716-0 ======================================================================= title: Multiple SSRF vulnerabilities product: Alfresco Community Edition vulnerable version: =4.2.f fixed version: 5.0.a...

VP-ASP Shopping Cart 6.50 ShopContent.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24033/info VP-ASP Shopping Cart is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...

Microsoft Word Zero-Day Vulnerability is being exploited in the Wild

Microsoft warned about a zero-day vulnerability in Microsoft Word that is being actively exploited in targeted attacks and discovered by the Google security team. “At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010…” company said. According to Microsoft's...

pChart 2.1.3 - Multiple Vulnerabilities

pChart 2.1.3 - Multiple Vulnerabilities Exploit Title: pChart 2.1.3 Directory Traversal and Reflected XSS Date: 2014-01-24 Exploit Author: Balazs Makany Vendor Homepage: www.pchart.net Software Link: www.pchart.net/download Google Dork: intitle:"pChart 2.x - examples" intext:"2.1.3" Version: 2.1....

ShopEx API injection vulnerability-vulnerability warning-the black bar safety net

Detailed description The defect file: \core\api\payment\2.0\apib2b20paymentcfg.php core\api\payment\1.0\apib2b20paymentcfg.php Section 4 row 4 $data'columns' do not filter lead injection REF: http://www.cnseay.com/3237/ Vulnerability hazard The administrator password can be used by hackers to get...

JRE remote code execution 0DAY-vulnerability warning-the black bar safety net

Warning: this site provides programmethodmay carry offensive,for security research and teaching purposes,at your own risk! // // CVE-2 0 1 2-XXXX Java 0day // // reported here: http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html // // secret host / ip : ok.aa24.net /...

KesionCMS section of the news site management system to V7. 0 0day-vulnerability warning-the black bar safety net

Pass to kill KesionCMS v7. 0 version, use conditions must be based on iis7. 0 erection. （A bit tasteless） it!!! The first step: registered users: http://www.. com /? do=reg Second step: access to photo album directly to the point of bulk upload fake good the jpg in a word, do not select a picture...

超级巡警avtsafe.sys <= 1.0.0.4 本地内核拒绝服务漏洞

超级巡警是专门查杀并可辅助查杀各种木马、流氓软件、利用Rootkit技术的各种后门和其它恶意代码间谍软件、蠕虫病毒等等 超级巡警的驱动avtsafe.sys所有挂钩函数没有任何参数校验 超级巡警avtsafe.sys = 1.0.0.4 暂无，请关注官方补丁 http://www.sucop.com/...

phpcms 2 0 0 8 product.php the pagesize parameter code injection vulnerability-vulnerability warning-the black bar safety net

SSV-Appdir: phpcms Published: 2011-10-12 Affected version: phpcms 2 0 0 8 Vulnerability description: phpcms 2 0 0 8 of the code due to the template parameter improper handling can lead to arbitrary execution of arbitrary code file. The specific code triggering the path is this: phpcms/yp/product...

WanHu ezEIP 2.0 injection vulnerability and fix-vulnerability warning-the black bar safety net

Vulnerability author: akast Detailed description: Vulnerability file:/caseinfo. asp Vulnerability variable: Newid=1&cid=1 Software type: business software Vulnerability Description: The You can use the injection vulnerability to get the site administrator permissions, so you can login to the...