🚨 CVE-2024-24445
OpenAirInterface CN5G AMF (oai-cn5g-amf) <= 2.0.0 contains a null dereference in its handling of unsupported NGAP protocol messages which allows an attacker with network-adjacent access to the AMF to carry out denial of service. When a procedure code/presence field tuple is received that is unsupported, OAI indexes into a null function pointer and subsequently dereferences it.
🎖@cveNotify
OpenAirInterface CN5G AMF (oai-cn5g-amf) <= 2.0.0 contains a null dereference in its handling of unsupported NGAP protocol messages which allows an attacker with network-adjacent access to the AMF to carry out denial of service. When a procedure code/presence field tuple is received that is unsupported, OAI indexes into a null function pointer and subsequently dereferences it.
🎖@cveNotify
🚨 CVE-2024-24451
A stack overflow in the sctp_server::sctp_receiver_thread component of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) by repeatedly establishing SCTP connections with the N2 interface.
🎖@cveNotify
A stack overflow in the sctp_server::sctp_receiver_thread component of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) by repeatedly establishing SCTP connections with the N2 interface.
🎖@cveNotify
🚨 CVE-2024-24443
An uninitialized pointer dereference in the ngap_handle_pdu_session_resource_setup_response routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDU Session Resource Setup Response.
🎖@cveNotify
An uninitialized pointer dereference in the ngap_handle_pdu_session_resource_setup_response routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDU Session Resource Setup Response.
🎖@cveNotify
🚨 CVE-2023-36998
The NextEPC MME <= 1.0.1 (fixed in commit a8492c9c5bc0a66c6999cb5a263545b32a4109df) contains a stack-based buffer overflow vulnerability in the Emergency Number List decoding method. An attacker may send a NAS message containing an oversized Emergency Number List value to the MME to overwrite the stack with arbitrary bytes. An attacker with a cellphone connection to any base station managed by the MME may exploit this vulnerability without having to authenticate with the LTE core.
🎖@cveNotify
The NextEPC MME <= 1.0.1 (fixed in commit a8492c9c5bc0a66c6999cb5a263545b32a4109df) contains a stack-based buffer overflow vulnerability in the Emergency Number List decoding method. An attacker may send a NAS message containing an oversized Emergency Number List value to the MME to overwrite the stack with arbitrary bytes. An attacker with a cellphone connection to any base station managed by the MME may exploit this vulnerability without having to authenticate with the LTE core.
🎖@cveNotify
🚨 CVE-2024-57041
A persistent cross-site scripting (XSS) vulnerability in NodeBB v3.11.0 allows remote attackers to store arbitrary code in the 'about me' section of their profile.
🎖@cveNotify
A persistent cross-site scripting (XSS) vulnerability in NodeBB v3.11.0 allows remote attackers to store arbitrary code in the 'about me' section of their profile.
🎖@cveNotify
GitHub
fix: escape about me on user flags · NodeBB/NodeBB@4e69bff
Node.js based forum software built for the modern web - fix: escape about me on user flags · NodeBB/NodeBB@4e69bff
🚨 CVE-2024-48416
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/fromSetLanDhcpsClientbinding.
🎖@cveNotify
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/fromSetLanDhcpsClientbinding.
🎖@cveNotify
GitHub
advisories/cve/edimax/cve-2024-48416.md at c271ddb997bc0263274118acc380bc71ce9c316b · SpikeReply/advisories
Advisories from Spike Reply Cybersecurity team. Contribute to SpikeReply/advisories development by creating an account on GitHub.
🚨 CVE-2024-48417
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Cross Site Scripting (XSS) in : /bin/goahead via /goform/setStaticRoute, /goform/fromSetFilterUrlFilter, and /goform/fromSetFilterClientFilter.
🎖@cveNotify
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Cross Site Scripting (XSS) in : /bin/goahead via /goform/setStaticRoute, /goform/fromSetFilterUrlFilter, and /goform/fromSetFilterClientFilter.
🎖@cveNotify
GitHub
advisories/cve/edimax/cve-2024-48417.md at c271ddb997bc0263274118acc380bc71ce9c316b · SpikeReply/advisories
Advisories from Spike Reply Cybersecurity team. Contribute to SpikeReply/advisories development by creating an account on GitHub.
🚨 CVE-2024-48418
In Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06, the request /goform/fromSetDDNS does not properly handle special characters in any of user provided parameters, allowing an attacker with access to the web interface to inject and execute arbitrary shell commands.
🎖@cveNotify
In Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06, the request /goform/fromSetDDNS does not properly handle special characters in any of user provided parameters, allowing an attacker with access to the web interface to inject and execute arbitrary shell commands.
🎖@cveNotify
GitHub
advisories/cve/edimax/cve-2024-48418.md at c271ddb997bc0263274118acc380bc71ce9c316b · SpikeReply/advisories
Advisories from Spike Reply Cybersecurity team. Contribute to SpikeReply/advisories development by creating an account on GitHub.
🚨 CVE-2024-48419
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 suffers from Command Injection issues in /bin/goahead. Specifically, these issues can be triggered through /goform/tracerouteDiagnosis, /goform/pingDiagnosis, and /goform/fromSysToolPingCmd Each of these issues allows an attacker with access to the web interface to inject and execute arbitrary shell commands, with "root" privileges.
🎖@cveNotify
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 suffers from Command Injection issues in /bin/goahead. Specifically, these issues can be triggered through /goform/tracerouteDiagnosis, /goform/pingDiagnosis, and /goform/fromSysToolPingCmd Each of these issues allows an attacker with access to the web interface to inject and execute arbitrary shell commands, with "root" privileges.
🎖@cveNotify
GitHub
advisories/cve/edimax/cve-2024-48419.md at c271ddb997bc0263274118acc380bc71ce9c316b · SpikeReply/advisories
Advisories from Spike Reply Cybersecurity team. Contribute to SpikeReply/advisories development by creating an account on GitHub.
🚨 CVE-2024-48420
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/getWifiBasic.
🎖@cveNotify
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/getWifiBasic.
🎖@cveNotify
GitHub
advisories/cve/edimax/cve-2024-48420.md at c271ddb997bc0263274118acc380bc71ce9c316b · SpikeReply/advisories
Advisories from Spike Reply Cybersecurity team. Contribute to SpikeReply/advisories development by creating an account on GitHub.
🚨 CVE-2024-34896
An issue in Nedis SmartLife Video Doorbell (WIFICDP10GY), Nedis SmartLife IOS v1.4.0 causes users who are disconnected from a previous peer-to-peer connection with the device to still have access to live video feed.
🎖@cveNotify
An issue in Nedis SmartLife Video Doorbell (WIFICDP10GY), Nedis SmartLife IOS v1.4.0 causes users who are disconnected from a previous peer-to-peer connection with the device to still have access to live video feed.
🎖@cveNotify
🚨 CVE-2024-34897
Nedis SmartLife android app v1.4.0 was discovered to contain an API key disclosure vulnerability.
🎖@cveNotify
Nedis SmartLife android app v1.4.0 was discovered to contain an API key disclosure vulnerability.
🎖@cveNotify
🚨 CVE-2024-57598
A floating point exception (divide-by-zero) vulnerability was discovered in Bento4 1.6.0-641 in function AP4_TfraAtom() of Ap4TfraAtom.cpp which allows a remote attacker to cause a denial of service vulnerability.
🎖@cveNotify
A floating point exception (divide-by-zero) vulnerability was discovered in Bento4 1.6.0-641 in function AP4_TfraAtom() of Ap4TfraAtom.cpp which allows a remote attacker to cause a denial of service vulnerability.
🎖@cveNotify
GitHub
Bugs-disclosure/Bento4_FPE.md at main · JWH-96/Bugs-disclosure
Contribute to JWH-96/Bugs-disclosure development by creating an account on GitHub.
🚨 CVE-2025-22936
An issue in Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router SAM-4G1G-TT-W-VC, SAM-4F1F-TT-W-A1 allows a remote attacker to obtain sensitive information via the Weak default WiFi password generation algorithm in WiFi routers.
🎖@cveNotify
An issue in Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router SAM-4G1G-TT-W-VC, SAM-4F1F-TT-W-A1 allows a remote attacker to obtain sensitive information via the Weak default WiFi password generation algorithm in WiFi routers.
🎖@cveNotify
🚨 CVE-2020-35546
Lexmark MX6500 LW75.JD.P296 and previous devices have Incorrect Access Control via the access control settings.
🎖@cveNotify
Lexmark MX6500 LW75.JD.P296 and previous devices have Incorrect Access Control via the access control settings.
🎖@cveNotify
🚨 CVE-2025-25968
DDSN Interactive cm3 Acora CMS version 10.1.1 contains an improper access control vulnerability. An editor-privileged user can access sensitive information, such as system administrator credentials, by force browsing the endpoint and exploiting the 'file' parameter. By referencing specific files (e.g., cm3.xml), attackers can bypass access controls, leading to account takeover and potential privilege escalation.
🎖@cveNotify
DDSN Interactive cm3 Acora CMS version 10.1.1 contains an improper access control vulnerability. An editor-privileged user can access sensitive information, such as system administrator credentials, by force browsing the endpoint and exploiting the 'file' parameter. By referencing specific files (e.g., cm3.xml), attackers can bypass access controls, leading to account takeover and potential privilege escalation.
🎖@cveNotify
GitHub
GitHub - padayali-JD/CVE-2025-25968
Contribute to padayali-JD/CVE-2025-25968 development by creating an account on GitHub.
🚨 CVE-2025-26201
Credential disclosure vulnerability via the /staff route in GreaterWMS <= 2.1.49 allows a remote unauthenticated attackers to bypass authentication and escalate privileges.
🎖@cveNotify
Credential disclosure vulnerability via the /staff route in GreaterWMS <= 2.1.49 allows a remote unauthenticated attackers to bypass authentication and escalate privileges.
🎖@cveNotify
GitHub
CVE/GreaterWMS/CVE-2025-26201.md at main · Elymaro/CVE
This repository contains information and proofs of concept (PoCs) for the CVEs I have found. - Elymaro/CVE
🚨 CVE-2025-25783
An arbitrary file upload vulnerability in the component admin\plugin.php of Emlog Pro v2.5.3 allows attackers to execute arbitrary code via uploading a crafted Zip file.
🎖@cveNotify
An arbitrary file upload vulnerability in the component admin\plugin.php of Emlog Pro v2.5.3 allows attackers to execute arbitrary code via uploading a crafted Zip file.
🎖@cveNotify
🚨 CVE-2025-25784
An arbitrary file upload vulnerability in the component \c\TemplateController.php of Jizhicms v2.5.4 allows attackers to execute arbitrary code via uploading a crafted Zip file.
🎖@cveNotify
An arbitrary file upload vulnerability in the component \c\TemplateController.php of Jizhicms v2.5.4 allows attackers to execute arbitrary code via uploading a crafted Zip file.
🎖@cveNotify
🚨 CVE-2025-25785
JizhiCMS v2.5.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component \c\PluginsController.php. This vulnerability allows attackers to perform an intranet scan via a crafted request.
🎖@cveNotify
JizhiCMS v2.5.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component \c\PluginsController.php. This vulnerability allows attackers to perform an intranet scan via a crafted request.
🎖@cveNotify
www.jizhicms.cn
极致CMS | 免费开源的建站系统-快速建站系统-极致官网 - 极速建站程序优选【极致CMS】
极致CMS是开源免费的PHPCMS网站内容管理系统,无商业授权,简单易用,提供丰富的插件,帮您实现零基础搭建不同类型网站(企业站,门户站,个人博客站等),是您建站的好帮手。极速建站,就选极致CMS。
🚨 CVE-2025-25789
FoxCMS v1.2.5 was discovered to contain a remote code execution (RCE) vulnerability via the index() method at \controller\Sitemap.php.
🎖@cveNotify
FoxCMS v1.2.5 was discovered to contain a remote code execution (RCE) vulnerability via the index() method at \controller\Sitemap.php.
🎖@cveNotify