130931 matches found
Orangescrum cross-site scripting vulnerability (CNVD-2026-02679)
Orangescrum is a project and task management software tool that also provides productivity tools for work organization and team collaboration. Orangescrum suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied...
Unspecified vulnerability in Open5GS amf_ue_set_suci function
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in the Open5GS amfuesetsuci function, which can be exploited by an attacker to trigger a denial of service DoS via a crafted NGAP packet...
Unspecified vulnerability in Open5GS oai_nas_5gmm_decode function
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in the Open5GS oainas5gmmdecode function, which can be exploited by an attacker to trigger a denial of service DoS via a crafted NGAP packe...
Open5GS Denial of Service Vulnerability (CNVD-2025-03141)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends a "Switch Request ACK" message missing th...
Open5GS Denial of Service Vulnerability (CNVD-2025-03191)
Open5GS is Open5GS open source an open source implementation of 5G Core and Epc in C, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "S1SETUP request" message missing the...
Open5GS has an unspecified vulnerability
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.6.4 and earlier versions, which can be exploited by an attacker to send an "E-rab modification instruction" message th...
Open5GS Denial of Service Vulnerability (CNVD-2025-03134)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "ENB Status Transmission" message...
Open5GS has an unspecified vulnerability (CNVD-2025-03190)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "Initial Context Setup Response" message that...
Open5GS Denial of Service Vulnerability (CNVD-2025-03192)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS, which can be exploited to cause a denial of service by sending a "switch" message missing the required "MMEUES1APID"...
Open5GS Denial of Service Vulnerability (CNVD-2025-03200)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "Initial Context Setup Failed" message that lac...
Open5GS Code Execution Vulnerability
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a code execution vulnerability that can be exploited by an attacker to cause invalid parsing and memory release...
Mattermost Denial of Service Vulnerability (CNVD-2025-11091)
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a denial-of-service vulnerability that can be exploited by attackers to cause a system crash...
Open5GS Denial of Service Vulnerability (CNVD-2025-03148)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who would send an initial UE message'' message that lacks th...
Open5GS has an unspecified vulnerability (CNVD-2025-03161)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a security vulnerability that can be exploited by an attacker to send an "E-RAB Setup Response" message that lacks the required mmeues1apid' field to...
Open5GS Denial of Service Vulnerability (CNVD-2025-03198)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a security vulnerability that can be exploited by an attacker to repeatedly send such oversized packets to cause the ogssctprecvmsg routine to reach a...
Mattermost Code Issue Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a code issue vulnerability that stems from a failure to properly validate a proto style provided to an action style, which can be exploited by an attacker to crash the front-end...
Mattermost Denial of Service Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a denial-of-service vulnerability that stems from an inability to properly validate post attributes, which can be exploited by an attacker to cause a system crash...
Open5GS has an unspecified vulnerability (CNVD-2025-03129)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Modification Response" message that lacks the required mmeues1apid'...
Open5GS Denial of Service Vulnerability (CNVD-2025-03194)
Open5GS is Open5GS open source an open source implementation of 5G Core and Epc in C, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends a "handover canceled" message that lacks the...
Open5GS Denial of Service Vulnerability (CNVD-2025-03197)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Version" full message missing the required mmeues1apid' field to...
Open5GS Denial of Service Vulnerability (CNVD-2025-03196)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Modification Failure" message missing the required mmeues1apid' fie...
Open5GS UE Context Release Request Packet Denial of Service Vulnerability
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a denial of service vulnerability that stems from the inclusion of reachable assertions in the UE Context Release Request packet handler. An attacker...
Open5GS Denial of Service Vulnerability (CNVD-2025-03195)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Release Request" message missing the required mmeues1apid' field to...
Open5GS Uplink NAS Transport Packet Denial of Service Vulnerability
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS version 2.6.4 and prior versions, which stems from the inclusion of reachable assertions in the Uplink NAS Transport...
Juniper Networks Junos OS Evolved Memory Misreference Vulnerability
Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS. A memory misreference vulnerability exists in Juniper Networks Junos OS Evolved, which arises from a failure to free kernel memory when processing certain malformed IPv6 packets, and can be exploited by an...
Open5GS Denial of Service Vulnerability (CNVD-2025-03193)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends "S1SETUP request" messages missing the required...
Open5GS has an unspecified vulnerability (CNVD-2025-18582)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS has a security vulnerability that can be exploited by attackers to cause a denial of service...
Open5GS Denial of Service Vulnerability (CNVD-2025-03154)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a security vulnerability that can be exploited to cause a denial of service by an attacker who sends an "Initial UE Message" that lacks the required...
Arbitrary File Read Vulnerability in Unisys UOS System of Unisys Software Technology Co.
Unisys Software Technology Co., Ltd. is a company specializing in operating system R&D and services, and is committed to providing safe, reliable, beautiful and easy-to-use domestic operating system solutions. There is an arbitrary file reading vulnerability in Unisys UOS system, which can be...
SunGrow WiNet-S Stack Buffer Overflow Vulnerability
SunGrow WiNet-S is a LAN communication module from SunGrow, China. The SunGrow WiNet-S suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause a denial of service...
IBM Maximo Application Suite Information Disclosure Vulnerability
IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. An information disclosure vulnerability exists in IBM Maximo Application Suite that stems from allowing...
Apache Wicket Resource Management Error Vulnerability
Apache Wicket is the United States Apache Apache Foundation of a set of open source , lightweight , component-based framework , which provides an object-oriented way to develop Web-based dynamic UI applications . A resource management error vulnerability exists in Apache Wicket version 7.0.0. The...
SunGrow WiNet-S stack buffer overflow vulnerability (CNVD-2025-03255)
SunGrow WiNet-S is a LAN communication module from SunGrow, China. The SunGrow WiNet-S suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause a denial of service...
coolLabs Coolify Information Disclosure Vulnerability (CNVD-2025-19124)
Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. coolLabs Coolify suffers from an information disclosure vulnerability that stems from the fact that any authenticated user only needs to know the UUID of the model, which can be exploited by an attacker to obtain the...
SunGrow WiNet-S Trust Management Issues Vulnerability
SunGrow WiNet-S is a LAN communication module from SunGrow, China. A trust management issue vulnerability exists in SunGrow WiNet-S version V200.001.00.P027 and prior versions, which stems from the use of hard-coded MQTT credentials. An attacker could use this vulnerability to send arbitrary...
SunGrow WiNet-S Storage Message Stack Buffer Overflow Vulnerability
SunGrow WiNet-S is a LAN communication module from SunGrow, China. A stack buffer overflow vulnerability exists in SunGrow WiNet-S stored messages. The vulnerability stems from the base code not checking the bounds of the buffer used to store messages when replicating timestamped reads of MQTT...
IBM Concert Information Disclosure Vulnerability
IBM Concert is a new tool from International Business Machines IBM Inc. that uses generative AI to help manage complex cloud-native applications. IBM Concert suffers from an information disclosure vulnerability that stems from not properly enabling HTTP strict transport. An attacker could exploit...
Microsoft Edge (Chromium-based) Spoofing Vulnerability (CNVD-2025-05242)
Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. Microsoft Edge Chromium-based suffers from a spoofing vulnerability that can be exploited by attackers to conduct spoofing attacks...
SunGrow WiNet-S TLV Field Stack Buffer Overflow Vulnerability
SunGrow WiNet-S is a LAN communication module from SunGrow, China. A stack buffer overflow vulnerability exists in the SunGrow WiNet-S TLV field that originates from code that does not have sufficient boundary checks when parsing a specific TLV field. An attacker could exploit this vulnerability ...
OpenImageIO Heap Overflow Vulnerability
OpenImageIO is OpenImageIO open source an image processing library . With an easy to use interface and a large number of supported image formats. A heap overflow vulnerability exists in OpenImageIO that stems from a boundary error in the component OpenImageIOV310 :: farmhash :: Inlined ::...
OpenImageIO Buffer Overflow Vulnerability
OpenImageIO is OpenImageIO open source an image processing library . With an easy to use interface and a large number of supported image formats. OpenImageIO suffers from a buffer overflow vulnerability that stems from a boundary error in the component /OpenImageIO/fmath.h when processing untrust...
OpenImageIO Code Issue Vulnerability
OpenImageIO is OpenImageIO open source an image processing library . With an easy to use interface and a large number of supported image formats. A code issue vulnerability exists in OpenImageIO that stems from a boundary error in the component /OpenImageIO/stringview.h when processing untrusted...
Unspecified Vulnerability in OpenImageIO
OpenImageIO is OpenImageIO open source an image processing library . With an easy to use interface and a large number of supported image formats. OpenImageIO security vulnerability , the vulnerability stems from the component / imagebuf.cpp in the allocation of the size of the over-sized error , ...
IBM Maximo Asset Management File Upload Vulnerability
IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from International Business Machines IBM. The solution is capable of managing all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control for...
coolLabs Coolify Cross-Site Scripting Vulnerability
Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. coolLabs Coolify suffers from a cross-site scripting vulnerability that stems from allowing a user to search for tags on a tabbed page, and if the search does not return any results, the query is reflected in an error...
coolLabs Coolify Elevation of Privilege Vulnerability
Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. A elevation of privilege vulnerability exists in coolLabs Coolify, which is caused by improper authorization validation of terminal functions. An attacker can exploit the vulnerability to gain elevated privileges and...
coolLabs Coolify Remote Command Execution Vulnerability
Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. coolLabs Coolify suffers from a remote command execution vulnerability that can be exploited by an attacker to execute arbitrary commands on a victim's server...
Unspecified Vulnerability in coolLabs Coolify
Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. An unspecified vulnerability exists in coolLabs Coolify that originates from an authenticated user retrieving any existing private key on an instance in plain text. No detailed vulnerability details are provided at th...
coolLabs Coolify Command Execution Vulnerability
Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. A command execution vulnerability exists in coolLabs Coolify, which can be exploited by an attacker to execute arbitrary commands on a system...
coolLabs Coolify Information Disclosure Vulnerability
Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. coolLabs Coolify suffers from an information disclosure vulnerability that can be exploited by an attacker to gain access to the global instance OAuth configuration...