5309 matches found
Open5GS 输入验证错误漏洞
Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for Lte/Nr networks. Version 2.7.3 of Open5GS contains a vulnerability related to input validation errors. This vulnerability stems from specially crafted PDU session modification requests,...
Origin Validation Error
Overview Affected versions of this package are vulnerable to Origin Validation Error via the reuse of an easy handle in HTTP requests when a custom Host: header is set for the initial request and omitted in a subsequent one. An attacker can obtain cookies intended for a different host by exploiti...
UBUNTU-CVE-2026-41603
Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
NVIDIA FLARE SDK 输入验证错误漏洞
NVIDIA FLARE SDK is a federal learning application development toolkit provided by NVIDIA Corporation in the United States. The NVIDIA Flare SDK has a vulnerability related to input validation errors. This vulnerability stems from path traversal, which leads to improper input validation,...
Hanwha Vision QND-8080R 输入验证错误漏洞
Hanwha Vision QND-8080R is a network infrared surveillance camera device produced by Hanwha Vision in South Korea. The Hanwha Vision QND-8080R has a vulnerability related to input validation errors. This vulnerability arises from improper handling of data in specific requests, which may lead to...
Origin Validation Error
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Origin Validation Error via the Slack thread context. An attacker can inject unauthorized messages into the agent context by replying to allowlisted users in Slack threads, thereby...
Argo Workflows 输入验证错误漏洞
Argo Workflows is an open-source container-native workflow engine for Kubernetes, part of the Argo project. Versions 3.6.5 to 4.0.4 of Argo Workflows contain a vulnerability related to input validation errors. This vulnerability stems from insufficient array index checking in the podGCFromPod...
Exploit for Origin Validation Error in Apache Airflow_Providers_Amazon
CVE-2026-25604 PoC Host Header Injection leading to SAML au...
EUVD-2026-24550
An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to determine the names of private repositories by their numeric ID. The mobile upload policy API endpoint did not perform an early authorization check, and validation error...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in DSC validation in the AMD display driver. This error allows bypassing irrelevant mode...
ONE 输入验证错误漏洞
ONE is a high-performance edge-side neural network inference framework developed by Samsung. Versions prior to ONE 1.30.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows in the calculation of buffer sizes, which could lead to...
ONE 输入验证错误漏洞
ONE is a high-performance edge-side neural network inference framework developed by Samsung. Versions of ONE prior to 1.30.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows during the calculation of the temporary buffer’s initial siz...
CVE-2026-29645
NEMU OpenXiangShan/NEMU before v2025.12.r2 contains an improper instruction-validation flaw in its RISC-V Vector RVV decoder. The decoder does not correctly validate the funct3 field when decoding vsetvli/vsetivli/vsetvl, allowing certain invalid OP-V instruction encodings to be misinterpreted an...
Microsoft Azure Monitor Agent Input Validation Error Vulnerability (CNVD-2026-18593)
Microsoft Azure Monitor Agent is a monitoring agent program from Microsoft USA. A security vulnerability exists in Microsoft Azure Monitor Agent. An attacker can exploit the vulnerability to elevate privileges...
net/url: Incorrect parsing of IPv6 host literals in net/url
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...
net/url: Incorrect parsing of IPv6 host literals in net/url
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...
CVE-2026-22615
Due to improper input validation in one of the Eaton Intelligent Power Protector IPP XML, it is possible for an attacker with admin privileges and access to the local system to inject malicious code resulting in arbitrary command execution. This security issue has been fixed in the latest version...
Adobe Framemaker Input Validation Error Vulnerability (CNVD-2026-19992)
Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. An input validation error vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to cause...
Origin Validation Error
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Origin Validation Error in the CORS handling process. An attacker can access sensitive authenticated API responses, including user profile data, email, admin statu...
PT-2026-32976
Name of the Vulnerable Software and Affected Versions free5GC versions 4.2.1 and earlier Description A fail-open request handling flaw exists in the UDR service. The PUT handler for the endpoint '/nudr-dr/v2/policy-data/subs-to-notify/subsId' does not terminate execution after request body...