Astra Linux - уязвимость в exiv2

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was discovered in Exiv2 versions v0.27.4 and earlier. This infinite loop occurs when Exiv2 is used to modify the metadata of a specially crafted image file. ...

CVE-2026-32776

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content...

CVE-2025-15531 Open5GS context.c sgwc_bearer_add assertion

A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwcbeareradd of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...

PT-2026-3363

A security flaw has been discovered in Open5GS up to 2.7.5. This issue affects some unknown processing of the component Timer Handler. The manipulation results in resource consumption. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks...

MiracleLinux 7 : python-2.7.5-48.0.1.el7.AXS7 (AXSA:2016-1185:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-1185:04 advisory. IPy is a Python module for handling IPv4 and IPv6 Addresses and Networks in a fashion similar to perl's Net::IP and friends. The IP class allows a comfortabl...

CVE-2025-9873 a3 Lazy Load <= 2.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access...

PT-2025-47009

Name of the Vulnerable Software and Affected Versions Cloudlog versions 2.7.5 and earlier Description An authenticated SQL injection issue exists. The vucc details ajax function within the application/controllers/Awards.php file does not properly sanitize the Gridsquare POST parameter provided by...

Open5GS 安全漏洞

Open5GS is an Open5GS open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.7.5 and earlier, which stems from a reachable assertion issue that could lead to a denial-of-service attack...

CVE-2025-8804

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ngapbuilddownlinknastransport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-8805 Open5GS SMF gsm-sm.c smf_gsm_state_wait_pfcp_deletion denial of service

A vulnerability was determined in Open5GS up to 2.7.5. Affected by this issue is the function smfgsmstatewaitpfcpdeletion of the file src/smf/gsm-sm.c of the component SMF. The manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the publ...

CVE-2025-8805

Open5GS SMF component is affected by CVE-2025-8805 via the function smf_gsm_state_wait_pfcp_deletion in src/smf/gsm-sm.c, which can lead to a remote denial of service. Upgrade from 2.7.5 to 2.7.6 to address the issue; the patch is identified as c58b8f081986aaf2a312d73a0a17985518b47fe6. Exploitati...

CVE-2025-8802

A vulnerability was determined in Open5GS up to 2.7.5. This vulnerability affects the function smfstateoperational of the file src/smf/smf-sm.c of the component SMF. The manipulation of the argument stream leads to denial of service. The attack can be initiated remotely. The exploit has been...

CVE-2025-8802 Open5GS SMF smf-sm.c smf_state_operational denial of service

A vulnerability was determined in Open5GS up to 2.7.5. This vulnerability affects the function smfstateoperational of the file src/smf/smf-sm.c of the component SMF. The manipulation of the argument stream leads to denial of service. The attack can be initiated remotely. The exploit has been...

CVE-2025-8799 Open5GS AMF npcf-build.c amf_nsmf_pdusession_build_create_sm_context denial of service

A vulnerability was identified in Open5GS up to 2.7.5. Affected by this vulnerability is the function amfnpcfampolicycontrolbuildcreate/amfnsmfpdusessionbuildcreatesmcontext of the file src/amf/npcf-build.c of the component AMF. The manipulation leads to denial of service. The attack can be...

CVE-2021-22275

Buffer Overflow vulnerability in B Automation Runtime webserver allows an unauthenticated network-based attacker to stop the cyclic program on the device and cause a denial of service...

CamaleonCMS 跨站脚本漏洞

CamaleonCMS is an advanced RubyonRails-based dynamic content management system CMS from the CamaleonCMS team. A security vulnerability exists in CamaleonCMS version v2.7.5, which stems from the presence of a cross-site scripting vulnerability that allows remote attackers to execute arbitrary code...

PT-2024-14790 · WordPress · W3 Total Cache

Name of the Vulnerable Software and Affected Versions: W3 Total Cache plugin for WordPress versions up to, and including, 2.7.5 Description: The issue allows unauthenticated attackers to expose sensitive information, specifically Google OAuth API secrets stored in plaintext in the plugin source...