Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS prior to 2.7.5 contained security vulnerabilities. These vulnerabilities stemmed from assertion failures in the PCO parser within the SMF component,...

PT-2026-36167

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.5 Description An assertion failure in the PCO Protocol Configuration Options parser within the SMF Session Management Function component allows remote attackers to cause a denial of service. This occurs when the...

PT-2025-43283

Name of the Vulnerable Software and Affected Versions pco 58 WC Return products versions through 1.5 Description The software contains a flaw related to improper input handling during web page generation, specifically a Reflected Cross-site Scripting XSS issue. This allows for the injection of...

MAL-2024-2853 Malicious code in pco-apigw-common-layer (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in pco-apigw-common-layer (npm)

--- -= Per source details. Do not edit below this line.=-...

Carel pCOWeb HVAC BACnet Gateway 2.1.0 - Directory Traversal Vulnerability

Exploit Title: Carel pCOWeb HVAC BACnet Gateway 2.1.0 - Directory Traversal Exploit Author: LiquidWorm Vendor: CAREL INDUSTRIES S.p.A. Product web page: https://www.carel.com Affected version: Firmware: A2.1.0 - B2.1.0 Application Software: 2.15.4A Software version: v16 13020200 Summary: pCO...

Malicious Package

Overview pcoapi is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

Malicious code in pco_api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f9c8289fc4eb78d3e66ed76818f5f799edc0dbee5bebe64774a03a2c3148158b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2015-8330

CVE-2015-8330 affects SAP Plant Connectivity (PCo) agent versions 2.2, 2.3, 15.0 and 15.1. A remote attacker can trigger memory corruption and crash the PCo agent by sending crafted xMII requests, causing denial of service. This is documented by NVD (base score 7.8) and referenced advisories, inc...

SAP PCo agent - DoS vulnerability

Application: SAP PCo Vendor: Bugs: DoS Reported: 05.09.2015 Vendor response: 06.09.2015 Date of Public Advisory: 20.11.2015 Reference: SAP Security Note 2238619 Author: Mathieu GELI ERPScan VULNERABILITY INFORMATION Class: Denial of service Impact: Disrupt operational status Remotely Exploitable:...