CVE-2026-33906

Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, the NetworkManager role was granted backup and restore permission. The restore endpoint accepted any valid SQLite file without verifying its contents. A NetworkManager could replace the production database with a tamper...

CVE-2026-33906

CVE-2026-33906 concerns Ella Core, a 5G core for private networks. Prior to version 1.7.0, the NetworkManager role had backup/restore permissions, and the restore endpoint accepted any valid SQLite file without validating contents. An attacker with NetworkManager privileges could replace the prod...

GHSA-87J9-M7X6-HVW2 Ella Core has Privilege Escalation via Database Restore by NetworkManager role

Summary The NetworkManager role was granted backup and restore permission. The restore endpoint accepted any valid SQLite file without verifying its contents. Impact A NetworkManager could replace the production database with a tampered copy to escalate to Admin, gaining access to user management...

PT-2026-28564

Name of the Vulnerable Software and Affected Versions Ella Core versions prior to 1.7.0 Description Ella Core is a 5G core designed for private networks. The NetworkManager role had backup and restore permissions. The restore endpoint accepted any valid SQLite file without content verification...

EUVD-2022-50663

Malicious code in bioql PyPI...

Path Traversal

Lollms is vulnerable to a path traversal vulnerability. The vulnerability is due to improper validation of file paths in the lollmsfilesystem.py file, where functions like addragdatabase, togglemountragdatabase, and vectorizefolder lack necessary security measures, allowing attackers to access an...

CVE-2024-0342

A vulnerability classified as critical has been found in Inis up to 2.0.1. Affected is an unknown function of the file /app/api/controller/default/Sqlite.php. The manipulation of the argument sql leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-250110 is t...

PESTO - PE (files) Statistical Tool

PESTO is a Python script that extracts and saves in a database some PE file security characteristics or flags searching for every PE binary in a whole directory, and saving results in a database. It checks for architecture flag in the header, and for the following security flags: ASLR, NOSEH, DEP...

CVE-2018-17197

A carefully crafted or corrupt sqlite file can cause an infinite loop in Apache Tika's SQLite3Parser in versions 1.8-1.19.1 of Apache Tika...

UBUNTU-CVE-2018-17197

A carefully crafted or corrupt sqlite file can cause an infinite loop in Apache Tika's SQLite3Parser in versions 1.8-1.19.1 of Apache Tika...

CVE-2018-17197

CVE-2018-17197 affects Apache Tika’s SQLite3Parser, where a carefully crafted or corrupt sqlite file can trigger an infinite loop in versions 1.8–1.19.1. The vulnerability is a denial of service in Tika’s parser, with potential impact on availability. The Connected documents confirm the affected ...

Authentication flaw

The time-based one-time-password TOTP function in the application logic of the Green Electronics RainMachine Mini-8 2nd generation uses the administrator's password hash to generate a 6-digit temporary passcode that can be used for remote and local access, aka a "Use of Password Hash Instead of...