38 matches found
free5GC 安全漏洞
free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of inbound OAuth2/Bearer-token authorization when the NEF module mounted the 3gpp-traffic-influence...
EUVD-2002-2383
Malware in sbrugna...
EUVD-2020-28405
Malware in sbrugna...
EUVD-2025-6702
Malicious code in bioql PyPI...
EUVD-2025-29662
Malicious code in bioql PyPI...
CVE-2025-37125
A broken access control vulnerability exists in HPE Aruba Networking EdgeConnect OS ECOS. Successful exploitation could allow an attacker to bypass firewall protections, potentially leading to unauthorized traffic being handled improperly...
CVE-2025-41713
During a short time frame while the device is booting an unauthenticated remote attacker can send traffic to unauthorized networks due to the switch operating in an undefined state until a CPU-induced reset allows proper configuration...
CVE-2025-37125
A broken access control vulnerability exists in HPE Aruba Networking EdgeConnect OS ECOS. Successful exploitation could allow an attacker to bypass firewall protections, potentially leading to unauthorized traffic being handled improperly...
HPE Aruba Networking EdgeConnect OS 安全漏洞
HPE Aruba Networking EdgeConnect OS is an operating system from HPE America. A security vulnerability exists in HPE Aruba Networking EdgeConnect OS that stems from improper access control and could result in bypassing firewall protection and handling unauthorized traffic...
PT-2025-38095
Name of the Vulnerable Software and Affected Versions: HPE Aruba Networking EdgeConnect OS ECOS affected versions not specified Description: A broken access control issue exists in HPE Aruba Networking EdgeConnect OS ECOS. Successful exploitation may allow an attacker to bypass firewall...
CVE-2002-2405
Check Point FireWall-1 4.1 and Next Generation NG, with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall...
CVE-2025-47775
Bullfrog is a GithHb Action to block unauthorized outbound traffic in GitHub workflows. Prior to version 0.8.4, using tcp breaks blocking and allows DNS exfiltration. This can result in sandbox bypass. Version 0.8.4 fixes the issue...
CVE-2025-47775 Bullfrog's DNS over TCP bypasses domain filtering
Bullfrog is a GithHb Action to block unauthorized outbound traffic in GitHub workflows. Prior to version 0.8.4, using tcp breaks blocking and allows DNS exfiltration. This can result in sandbox bypass. Version 0.8.4 fixes the issue...
CVE-2025-47775
The CVE-2025-47775 refers to Bullfrog, a GitHub Action that blocks unauthorized outbound traffic in workflows. The issue: before version 0.8.4, Bullfrog’s TCP handling could bypass the intended block, enabling DNS data exfiltration and a sandbox bypass. Affected version range includes all release...
PT-2025-21175 · Bullfrog · Bullfrog
Name of the Vulnerable Software and Affected Versions: Bullfrog versions prior to 0.8.4 Description: Bullfrog is a GitHub Action to block unauthorized outbound traffic in GitHub workflows. Prior to version 0.8.4, using tcp breaks blocking and allows DNS exfiltration, which can result in sandbox...
CVE-2025-25040
A vulnerability has been identified in the port ACL functionality of AOS-CX software running on the HPE Aruba Networking CX 9300 Switch Series only and affects: - AOS-CX 10.14.xxxx : All patches - AOS-CX 10.15.xxxx : 10.15.1000 and below The vulnerability is specific to traffic originated by the ...
CVE-2025-25040 Failure to Properly Enforce Port ACLs on CPU generated packets in CX 9300 Switches
A vulnerability has been identified in the port ACL functionality of AOS-CX software running on the HPE Aruba Networking CX 9300 Switch Series only and affects: - AOS-CX 10.14.xxxx : All patches - AOS-CX 10.15.xxxx : 10.15.1000 and below The vulnerability is specific to traffic originated by the ...
CVE-2025-25040 Failure to Properly Enforce Port ACLs on CPU generated packets in CX 9300 Switches
A vulnerability has been identified in the port ACL functionality of AOS-CX software running on the HPE Aruba Networking CX 9300 Switch Series only and affects: - AOS-CX 10.14.xxxx : All patches - AOS-CX 10.15.xxxx : 10.15.1000 and below The vulnerability is specific to traffic originated by the ...
CVE-2025-25040
CVE-2025-25040 affects HPE Aruba CX 9300 CX-9300 switches running AOS-CX. The issue is in port ACL enforcement on routed ports for egress traffic, allowing bypass of ACLs and potential unauthorized traffic flow. Affected: AOS-CX 10.14.xxxx (all patches) and 10.15.xxxx (10.15.1000 and below). Not ...
Hewlett Packard Enterprise AOS-CX(HPE AOS-CX) 安全漏洞
Hewlett Packard Enterprise AOS-CX HPE AOS-CX is a network operating system for data centers, campuses, and edges from Hewlett Packard Enterprise, Inc. It is used to provide flexible and innovative network services and enhance network performance. A security vulnerability exists in Hewlett Packard...