Lucene search
K

130931 matches found

CNVD
CNVD
•added 2025/02/08 12:0 a.m.•2 views

Orangescrum cross-site scripting vulnerability (CNVD-2026-02679)

Orangescrum is a project and task management software tool that also provides productivity tools for work organization and team collaboration. Orangescrum suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied...

5.4CVSS6.1AI score0.00776EPSS
Exploits2References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•7 views

Unspecified vulnerability in Open5GS amf_ue_set_suci function

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in the Open5GS amfuesetsuci function, which can be exploited by an attacker to trigger a denial of service DoS via a crafted NGAP packet...

7.5CVSS6.7AI score0.00386EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•9 views

Unspecified vulnerability in Open5GS oai_nas_5gmm_decode function

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in the Open5GS oainas5gmmdecode function, which can be exploited by an attacker to trigger a denial of service DoS via a crafted NGAP packe...

7.5CVSS6.7AI score0.00474EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•8 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03141)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends a "Switch Request ACK" message missing th...

5.3CVSS6.7AI score0.00261EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•8 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03191)

Open5GS is Open5GS open source an open source implementation of 5G Core and Epc in C, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "S1SETUP request" message missing the...

8.6CVSS6.7AI score0.00752EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•5 views

Open5GS has an unspecified vulnerability

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.6.4 and earlier versions, which can be exploited by an attacker to send an "E-rab modification instruction" message th...

5.3CVSS6.8AI score0.00261EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•8 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03134)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "ENB Status Transmission" message...

6.3CVSS6.7AI score0.00474EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•8 views

Open5GS has an unspecified vulnerability (CNVD-2025-03190)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "Initial Context Setup Response" message that...

5.3CVSS6.8AI score0.00261EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•6 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03192)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS, which can be exploited to cause a denial of service by sending a "switch" message missing the required "MMEUES1APID"...

6.3CVSS6.7AI score0.00474EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•9 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03200)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "Initial Context Setup Failed" message that lac...

5.3CVSS6.8AI score0.00261EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•4 views

Open5GS Code Execution Vulnerability

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a code execution vulnerability that can be exploited by an attacker to cause invalid parsing and memory release...

5.3CVSS7.5AI score0.00283EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•3 views

Mattermost Denial of Service Vulnerability (CNVD-2025-11091)

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a denial-of-service vulnerability that can be exploited by attackers to cause a system crash...

6.5CVSS6.9AI score0.00413EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•13 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03148)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who would send an initial UE message'' message that lacks th...

5.3CVSS6.8AI score0.00261EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•7 views

Open5GS has an unspecified vulnerability (CNVD-2025-03161)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a security vulnerability that can be exploited by an attacker to send an "E-RAB Setup Response" message that lacks the required mmeues1apid' field to...

5.3CVSS6.8AI score0.00261EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•5 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03198)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a security vulnerability that can be exploited by an attacker to repeatedly send such oversized packets to cause the ogssctprecvmsg routine to reach a...

7.3CVSS6.8AI score0.00507EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•6 views

Mattermost Code Issue Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a code issue vulnerability that stems from a failure to properly validate a proto style provided to an action style, which can be exploited by an attacker to crash the front-end...

6.5CVSS6.7AI score0.0054EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•4 views

Mattermost Denial of Service Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a denial-of-service vulnerability that stems from an inability to properly validate post attributes, which can be exploited by an attacker to cause a system crash...

6.5CVSS6.6AI score0.0054EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•6 views

Open5GS has an unspecified vulnerability (CNVD-2025-03129)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Modification Response" message that lacks the required mmeues1apid'...

8.6CVSS6.8AI score0.00752EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•5 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03194)

Open5GS is Open5GS open source an open source implementation of 5G Core and Epc in C, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends a "handover canceled" message that lacks the...

5.3CVSS6.8AI score0.00261EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•8 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03197)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Version" full message missing the required mmeues1apid' field to...

8.6CVSS6.8AI score0.00752EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•8 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03196)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Modification Failure" message missing the required mmeues1apid' fie...

8.6CVSS6.8AI score0.00752EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•14 views

Open5GS UE Context Release Request Packet Denial of Service Vulnerability

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a denial of service vulnerability that stems from the inclusion of reachable assertions in the UE Context Release Request packet handler. An attacker...

7.5CVSS6.7AI score0.00752EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•5 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03195)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Release Request" message missing the required mmeues1apid' field to...

7.5CVSS6.8AI score0.00752EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•7 views

Open5GS Uplink NAS Transport Packet Denial of Service Vulnerability

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS version 2.6.4 and prior versions, which stems from the inclusion of reachable assertions in the Uplink NAS Transport...

8.6CVSS6.7AI score0.00752EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•10 views

Juniper Networks Junos OS Evolved Memory Misreference Vulnerability

Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS. A memory misreference vulnerability exists in Juniper Networks Junos OS Evolved, which arises from a failure to free kernel memory when processing certain malformed IPv6 packets, and can be exploited by an...

8.7CVSS6.7AI score0.00587EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•6 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03193)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends "S1SETUP request" messages missing the required...

8.6CVSS6.8AI score0.00752EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•1 views

Open5GS has an unspecified vulnerability (CNVD-2025-18582)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS has a security vulnerability that can be exploited by attackers to cause a denial of service...

8.6CVSS6.8AI score0.00752EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/08 12:0 a.m.•7 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03154)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a security vulnerability that can be exploited to cause a denial of service by an attacker who sends an "Initial UE Message" that lacks the required...

8.6CVSS6.8AI score0.00752EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•5 views

Arbitrary File Read Vulnerability in Unisys UOS System of Unisys Software Technology Co.

Unisys Software Technology Co., Ltd. is a company specializing in operating system R&D and services, and is committed to providing safe, reliable, beautiful and easy-to-use domestic operating system solutions. There is an arbitrary file reading vulnerability in Unisys UOS system, which can be...

7AI score
Exploits0
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•14 views

SunGrow WiNet-S Stack Buffer Overflow Vulnerability

SunGrow WiNet-S is a LAN communication module from SunGrow, China. The SunGrow WiNet-S suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause a denial of service...

9.8CVSS8.2AI score0.00552EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•9 views

IBM Maximo Application Suite Information Disclosure Vulnerability

IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. An information disclosure vulnerability exists in IBM Maximo Application Suite that stems from allowing...

5.3CVSS6AI score0.00295EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•6 views

Apache Wicket Resource Management Error Vulnerability

Apache Wicket is the United States Apache Apache Foundation of a set of open source , lightweight , component-based framework , which provides an object-oriented way to develop Web-based dynamic UI applications . A resource management error vulnerability exists in Apache Wicket version 7.0.0. The...

6.5CVSS6.6AI score0.01458EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•10 views

SunGrow WiNet-S stack buffer overflow vulnerability (CNVD-2025-03255)

SunGrow WiNet-S is a LAN communication module from SunGrow, China. The SunGrow WiNet-S suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause a denial of service...

9.8CVSS8.2AI score0.00552EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•3 views

coolLabs Coolify Information Disclosure Vulnerability (CNVD-2025-19124)

Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. coolLabs Coolify suffers from an information disclosure vulnerability that stems from the fact that any authenticated user only needs to know the UUID of the model, which can be exploited by an attacker to obtain the...

5.7CVSS6.2AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•11 views

SunGrow WiNet-S Trust Management Issues Vulnerability

SunGrow WiNet-S is a LAN communication module from SunGrow, China. A trust management issue vulnerability exists in SunGrow WiNet-S version V200.001.00.P027 and prior versions, which stems from the use of hard-coded MQTT credentials. An attacker could use this vulnerability to send arbitrary...

5.4CVSS7AI score0.00235EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•7 views

SunGrow WiNet-S Storage Message Stack Buffer Overflow Vulnerability

SunGrow WiNet-S is a LAN communication module from SunGrow, China. A stack buffer overflow vulnerability exists in SunGrow WiNet-S stored messages. The vulnerability stems from the base code not checking the bounds of the buffer used to store messages when replicating timestamped reads of MQTT...

9.8CVSS8AI score0.00552EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•6 views

IBM Concert Information Disclosure Vulnerability

IBM Concert is a new tool from International Business Machines IBM Inc. that uses generative AI to help manage complex cloud-native applications. IBM Concert suffers from an information disclosure vulnerability that stems from not properly enabling HTTP strict transport. An attacker could exploit...

5.9CVSS5.9AI score0.00256EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•10 views

Microsoft Edge (Chromium-based) Spoofing Vulnerability (CNVD-2025-05242)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. Microsoft Edge Chromium-based suffers from a spoofing vulnerability that can be exploited by attackers to conduct spoofing attacks...

5.4CVSS6.8AI score0.00377EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•6 views

SunGrow WiNet-S TLV Field Stack Buffer Overflow Vulnerability

SunGrow WiNet-S is a LAN communication module from SunGrow, China. A stack buffer overflow vulnerability exists in the SunGrow WiNet-S TLV field that originates from code that does not have sufficient boundary checks when parsing a specific TLV field. An attacker could exploit this vulnerability ...

8.1CVSS8.1AI score0.00429EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•3 views

OpenImageIO Heap Overflow Vulnerability

OpenImageIO is OpenImageIO open source an image processing library . With an easy to use interface and a large number of supported image formats. A heap overflow vulnerability exists in OpenImageIO that stems from a boundary error in the component OpenImageIOV310 :: farmhash :: Inlined ::...

9.8CVSS7.2AI score0.0059EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•2 views

OpenImageIO Buffer Overflow Vulnerability

OpenImageIO is OpenImageIO open source an image processing library . With an easy to use interface and a large number of supported image formats. OpenImageIO suffers from a buffer overflow vulnerability that stems from a boundary error in the component /OpenImageIO/fmath.h when processing untrust...

9.8CVSS7.5AI score0.00665EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•1 views

OpenImageIO Code Issue Vulnerability

OpenImageIO is OpenImageIO open source an image processing library . With an easy to use interface and a large number of supported image formats. A code issue vulnerability exists in OpenImageIO that stems from a boundary error in the component /OpenImageIO/stringview.h when processing untrusted...

9.8CVSS7.1AI score0.00518EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•3 views

Unspecified Vulnerability in OpenImageIO

OpenImageIO is OpenImageIO open source an image processing library . With an easy to use interface and a large number of supported image formats. OpenImageIO security vulnerability , the vulnerability stems from the component / imagebuf.cpp in the allocation of the size of the over-sized error , ...

9.8CVSS7AI score0.0059EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•9 views

IBM Maximo Asset Management File Upload Vulnerability

IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from International Business Machines IBM. The solution is capable of managing all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control for...

6.5CVSS6.5AI score0.00332EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•2 views

coolLabs Coolify Cross-Site Scripting Vulnerability

Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. coolLabs Coolify suffers from a cross-site scripting vulnerability that stems from allowing a user to search for tags on a tabbed page, and if the search does not return any results, the query is reflected in an error...

6.1CVSS6.1AI score0.00224EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•2 views

coolLabs Coolify Elevation of Privilege Vulnerability

Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. A elevation of privilege vulnerability exists in coolLabs Coolify, which is caused by improper authorization validation of terminal functions. An attacker can exploit the vulnerability to gain elevated privileges and...

9.9CVSS8AI score0.00473EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•2 views

coolLabs Coolify Remote Command Execution Vulnerability

Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. coolLabs Coolify suffers from a remote command execution vulnerability that can be exploited by an attacker to execute arbitrary commands on a victim's server...

10CVSS8AI score0.00723EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•2 views

Unspecified Vulnerability in coolLabs Coolify

Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. An unspecified vulnerability exists in coolLabs Coolify that originates from an authenticated user retrieving any existing private key on an instance in plain text. No detailed vulnerability details are provided at th...

10CVSS6.7AI score0.00597EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•2 views

coolLabs Coolify Command Execution Vulnerability

Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. A command execution vulnerability exists in coolLabs Coolify, which can be exploited by an attacker to execute arbitrary commands on a system...

9.3CVSS7.8AI score0.00519EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•2 views

coolLabs Coolify Information Disclosure Vulnerability

Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. coolLabs Coolify suffers from an information disclosure vulnerability that can be exploited by an attacker to gain access to the global instance OAuth configuration...

7.1CVSS6.6AI score0.00376EPSS
Exploits1References1
Total number of security vulnerabilities130931