Lucene search

4570 matches found

Cvelist
added 2026/01/05 3:2 a.m., 27 views

CVE-2025-15454 zhanglun lettura RSS ContentRender.tsx cross site scripting

A vulnerability was detected in zhanglun lettura up to 0.1.22. This issue affects some unknown processing of the file src/components/ArticleView/ContentRender.tsx of the component RSS Handler. The manipulation results in cross site scripting. The attack can be executed remotely. This attack is...

CVSS 3.1, EPSS 0.00333
Exploits: 0, References: 7
Tenable Nessus
added 2026/01/05 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-54203

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr When smb1 mount fails, KASAN detects slab-out-of-bounds in init_smb2_rsp_hdr like the following one. For smb1...

AI score 5.8, EPSS 0.00168
Exploits: 0, References: 2
RedhatCVE
added 2026/01/03 6:59 p.m., 6 views

CVE-2026-21432

Emlog is an open source website building system. Version 2.5.23 has a stored cross-site scripting vulnerability that can lead to account takeover, including takeover of admin accounts. As of time of publication, no known patched versions are available...

CVSS 8.2, AI score 6.1, EPSS 0.00162
Exploits: 1, References: 1
NVD
added 2026/01/02 7:15 p.m., 2 views

CVE-2026-21431

Emlog is an open source website building system. Version 2.5.23 has a stored cross-site scripting vulnerability in the Resource media library function while publishing an article. As of time of publication, no known patched versions are available...

CVSS 5.4, EPSS 0.00162
Exploits: 1, References: 1
OSV
added 2026/01/02 6:44 p.m., 3 views

CVE-2026-21430 Emlog: CSRF chained with stored XSS leads to ATO

Emlog is an open source website building system. In version 2.5.23, article creation functionality is vulnerable to cross-site request forgery (CSRF). This can lead to a user being forced to post an article with arbitrary, attacker-controlled content. This, when combined with stored cross-site...

CVSS 8.3, AI score 6.5, EPSS 0.00151
Exploits: 1, References: 3
NVD
added 2026/01/02 6:15 p.m., 4 views

CVE-2026-21429

Emlog is an open source website building system. In version 2.5.23, the admin can set controls which make users unable to edit or delete their articles after publishing them. As of time of publication, no known patched versions are available...

CVSS 5.1, EPSS 0.00204
Exploits: 1, References: 1
Vulnrichment
added 2026/01/02 5:23 p.m., 4 views

CVE-2026-21429 Emlog has Broken Access Control (BAC)

Emlog is an open source website building system. In version 2.5.23, the admin can set controls which make users unable to edit or delete their articles after publishing them. As of time of publication, no known patched versions are available...

CVSS 5.1, AI score 6.4, EPSS 0.00204
Exploits: 1, References: 1
Vulnrichment
added 2026/01/02 2:57 p.m., 4 views

CVE-2025-54166 QTS, QuTS hero

An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following versions: QTS...

CVSS 6.9, AI score 6.5, EPSS 0.00285
Exploits: 0, References: 1
NVD
added 2026/01/02 1:15 a.m., 5 views

CVE-2025-15419

A weakness has been identified in Open5GS up to 2.7.6. Affected by this issue is the function sgwc_s5c_handle_create_session_response of the file src/sgwc/s5c-handler.c of the component GTPv2-C Flow Handler. Executing a manipulation can lead to denial of service. The attack needs to be launched locall...

CVSS 5.5, EPSS 0.0021
Exploits: 1, References: 8
NVD
added 2026/01/02 12:15 a.m., 5 views

CVE-2025-15418

A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function ogs_gtp2_parse_bearer_qos in the library lib/gtp/v2/types.c of the component Bearer QoS IE Length Handler. Performing a manipulation results in denial of service. The attack must be initiated fr...

CVSS 5.5, EPSS 0.00167
Exploits: 1, References: 8
Positive Technologies
added 2026/01/02 12:0 a.m., 6 views

PT-2026-1035

Name of the Vulnerable Software and Affected Versions: Open5GS versions through 2.7.6. Description: A weakness exists in Open5GS that can lead to a denial of service. The issue is related to the sgwc_s5c_handle_create_session_response function within the src/sgwc/s5c-handler.c file of the GTPv2-C Fl...

CVSS 5.5, AI score 6.2, EPSS 0.0021
Exploits: 1, References: 13
Vulnrichment
added 2026/01/01 11:32 p.m., 5 views

CVE-2025-15418 Open5GS Bearer QoS IE Length types.c ogs_gtp2_parse_bearer_qos denial of service

A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function ogs_gtp2_parse_bearer_qos in the library lib/gtp/v2/types.c of the component Bearer QoS IE Length Handler. Performing a manipulation results in denial of service. The attack must be initiated fr...

CVSS 4.8, AI score 4.2, EPSS 0.00167
Exploits: 1, References: 8
Cvelist
added 2026/01/01 11:32 p.m., 29 views

CVE-2025-15418 Open5GS Bearer QoS IE Length types.c ogs_gtp2_parse_bearer_qos denial of service

A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function ogs_gtp2_parse_bearer_qos in the library lib/gtp/v2/types.c of the component Bearer QoS IE Length Handler. Performing a manipulation results in denial of service. The attack must be initiated fr...

CVSS 4.8, EPSS 0.00167
Exploits: 1, References: 8
Cvelist
added 2026/01/01 11:2 p.m., 21 views

CVE-2025-15417 Open5GS GTPv2-C F-TEID s11-handler.c sgwc_s11_handle_create_session_request denial of service

A vulnerability was identified in Open5GS up to 2.7.6. Affected is the function sgwc_s11_handle_create_session_request of the file src/sgwc/s11-handler.c of the component GTPv2-C F-TEID Handler. Such manipulation leads to denial of service. The attack must be carried out locally. The exploit is public...

CVSS 4.8, EPSS 0.00167
Exploits: 1, References: 8
Positive Technologies
added 2026/01/01 12:0 a.m., 5 views

PT-2026-24937

A weakness has been identified in GPAC 26.03-DEV. Affected is the function txtin_process_texml of the file src/filters/load_text.c of the component TeXML File Parser. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack on the local host. The explo...

CVSS 5.3, AI score 6, EPSS 0.00127
Exploits: 0, References: 12
Positive Technologies
added 2026/01/01 12:0 a.m., 6 views

PT-2026-1034

Name of the Vulnerable Software and Affected Versions: Open5GS versions prior to 2.7.7. Description: A security issue exists in Open5GS. The ogs_gtp2_parse_bearer_qos function within the Bearer QoS IE Length Handler component, located in lib/gtp/v2/types.c, is susceptible to manipulation, leading to...

CVSS 5.5, AI score 6, EPSS 0.00167
Exploits: 1, References: 13
OSV
added 2025/12/31 9:15 p.m., 6 views

CVE-2023-7331

A vulnerability was detected in PKrystian Full-Stack-Bank up to bf73a0179e3ff07c0d7dc35297cea0be0e5b1317. This vulnerability affects unknown code of the component User Handler. Performing manipulation results in sql injection. It is possible to initiate the attack remotely. This product is using ...

CVSS 4.7, AI score 7.4
Exploits: 0, References: 4
Cvelist
added 2025/12/31 9:2 p.m., 22 views

CVE-2023-7331 PKrystian Full-Stack-Bank User sql injection

A vulnerability was detected in PKrystian Full-Stack-Bank up to bf73a0179e3ff07c0d7dc35297cea0be0e5b1317. This vulnerability affects unknown code of the component User Handler. Performing manipulation results in sql injection. It is possible to initiate the attack remotely. This product is using ...

CVSS 5.8, EPSS 0.00202
Exploits: 0, References: 4
CBLMariner
added 2025/12/31 4:10 a.m., 3 views

CVE-2023-52969 affecting package mariadb for versions less than 10.6.24-1

CVE-2023-52969 affecting package mariadb for versions less than 10.6.24-1. A patched version of the package is available...

CVSS 4.9, AI score 5.9, EPSS 0.00432
Exploits: 0
Positive Technologies
added 2025/12/31 12:0 a.m., 4 views

PT-2025-54456

Name of the Vulnerable Software and Affected Versions: PKrystian Full-Stack-Bank versions prior to bf73a0179e3ff07c0d7dc35297cea0be0e5b1317. Description: A flaw exists in the User Handler component of PKrystian Full-Stack-Bank. Manipulation of unknown code within this component can lead to SQL...

CVSS 5.8, AI score 5.5, EPSS 0.00202
Exploits: 0, References: 10