Lucene search
K

41217 matches found

Cvelist
Cvelist
added 2026/05/17 2:15 a.m.44 views

CVE-2026-8728 Open5GS NRF conv.c ogs_sbi_discovery_option_parse_plmn_list denial of service

A security vulnerability has been detected in Open5GS up to 2.7.7. The impacted element is the function ogssbidiscoveryoptionparseplmnlist in the library /lib/sbi/conv.c of the component NRF. Such manipulation of the argument target-plmn-list leads to denial of service. The attack can be executed...

5.3CVSS0.0039EPSS
Exploits1References6
EUVD
EUVD
added 2026/05/17 2:15 a.m.19 views

EUVD-2026-30677

A security vulnerability has been detected in Open5GS up to 2.7.7. The impacted element is the function ogssbidiscoveryoptionparseplmnlist in the library /lib/sbi/conv.c of the component NRF. Such manipulation of the argument target-plmn-list leads to denial of service. The attack can be executed...

5.3CVSS5.5AI score0.0039EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/05/17 12:45 a.m.9 views

CVE-2026-8725

A weakness has been identified in CoreWorxLab CAAL up to 1.6.0. The affected element is an unknown function of the file src/caal/webhooks.py of the component test-hass Endpoint. This manipulation causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has be...

7.5CVSS6.7AI score0.00309EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/05/17 12:45 a.m.23 views

EUVD-2026-30676

A weakness has been identified in CoreWorxLab CAAL up to 1.6.0. The affected element is an unknown function of the file src/caal/webhooks.py of the component test-hass Endpoint. This manipulation causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has be...

7.5CVSS6.7AI score0.00309EPSS
Exploits0References4
CVE
CVE
added 2026/05/17 12:30 a.m.22 views

CVE-2026-8724

CVE-2026-8724 relates to Dataease 2.10.20, affecting the Data Dashboard component. The vulnerability lies in the function SqlparserUtils.transFilter in SqlparserUtils.java, enabling a SQL injection condition. Documents indicate the attack could be launched remotely and that exploits have been pub...

7.2CVSS5.6AI score0.00387EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/17 12:30 a.m.8 views

CVE-2026-8724 Dataease Data Dashboard SqlparserUtils.java SqlparserUtils.transFilter sql injection

A security flaw has been discovered in Dataease 2.10.20. Impacted is the function SqlparserUtils.transFilter of the file SqlparserUtils.java of the component Data Dashboard. The manipulation results in sql injection. The attack may be launched remotely. The exploit has been released to the public...

5.8CVSS5.6AI score0.00387EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.15 views

PT-2026-41522

A weakness has been identified in Sanluan PublicCMS 5.202506.d. This issue affects the function execute of the file publiccms-trade/src/main/java/com/publiccms/views/directive/trade/TradeAddressListDirective.java of the component Trade Address Query Handler. Executing a manipulation of the argume...

6.9CVSS5.8AI score0.00403EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/17 12:0 a.m.8 views

PublicCMS 安全漏洞

PublicCMS is an open-source content management system CMS developed by PublicCMS Company in China using the Java language. Version Sanluan PublicCMS 5.202506.d contains a security vulnerability. This vulnerability stems from the improper handling of the templateContent parameter in the execute...

6.5CVSS6.5AI score0.00232EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.11 views

PT-2026-41590

A security flaw has been discovered in linlinjava litemall up to 1.8.0. This impacts the function list of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/web/WxGoodsController.java of the component Front-end WeChat API. Performing a manipulation results in sql injection. Remote...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.30 views

PT-2026-41585

Name of the Vulnerable Software and Affected Versions Kilo-Org kilocode versions prior to 7.0.48 Description A path traversal issue exists in the File Diff API Endpoint within the Bun.file function of the packages/opencode/src/kilocode/review/worktree-diff.ts file. A remote attacker can trigger...

5.3CVSS5.8AI score0.0058EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.17 views

PT-2026-41538

A security flaw has been discovered in Open5GS up to 2.7.7. Affected by this issue is the function discover handler in the library /lib/sbi/nghttp2-server.c of the component NRF. The manipulation results in use after free. The attack can be launched remotely. The exploit has been released to the...

5.3CVSS5.4AI score0.00367EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/05/17 12:0 a.m.9 views

Vercel AI SDK 资源管理错误漏洞

Vercel AI SDK is a JavaScript SDK provided by Vercel that supports the integration of large language models, streaming responses, and AI application development. Vercel AI SDK versions 3.0.97 and earlier contain a resource management vulnerability. This vulnerability stems from the functions...

6.5CVSS5.8AI score0.00561EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.10 views

PT-2026-41519

A vulnerability was determined in Oinone Pamirs up to 7.2.0. Affected by this issue is the function RSQLToSQLNodeConnector.makeVariable of the component queryListByWrapper Interface. This manipulation causes sql injection. The attack can be initiated remotely. The exploit has been publicly...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/17 12:0 a.m.10 views

Metasoft MetaCRM 访问控制错误漏洞

Metasoft MetaCRM is a customer relationship management system software developed by Metasoft, a Chinese company. Versions of Metasoft MetaCRM 6.4.0 Beta06 and earlier contained a access control error vulnerability. This vulnerability stemmed from an improper handling of the File parameter by an...

7.5CVSS7.1AI score0.00278EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.13 views

PT-2026-41567

Name of the Vulnerable Software and Affected Versions fishaudio Bert-VITS2 versions up to 8f7fbd8c4770965225d258db548da27dc8dd934c Description A path traversal issue exists in the Gradio Interface component. A remote attacker can manipulate the data dir argument within the generate config functio...

7.5CVSS7.1AI score0.00512EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.14 views

PT-2026-41514

A security vulnerability has been detected in Open5GS up to 2.7.7. The impacted element is the function ogs sbi discovery option parse plmn list in the library /lib/sbi/conv.c of the component NRF. Such manipulation of the argument target-plmn-list leads to denial of service. The attack can be...

5.3CVSS5.5AI score0.0039EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/05/17 12:0 a.m.10 views

Open5GS 缓冲区错误漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain a buffer error vulnerability. This vulnerability stems from the reuse of a resource after it has been released in the...

6.5CVSS5.9AI score0.00367EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/17 12:0 a.m.9 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the ogstimeradd function in the nausf-handler.c file within the...

6.5CVSS5.8AI score0.00372EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.12 views

PT-2026-41525

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefile key results in use of hard-coded...

6.9CVSS5.8AI score0.00281EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.10 views

PT-2026-41568

Name of the Vulnerable Software and Affected Versions adenhq hive versions prior to 0.11.0 Description A path traversal issue exists in the Delete Request Handler component. A remote attacker can perform a manipulation affecting the read events tail function within the core/framework/server/route...

7.5CVSS7.1AI score0.0061EPSS
Exploits0References7
Rows per page
Query Builder