|
1781
|
8.8 |
HIGH
Network
|
wavlink
|
wl-nu516u1_firmware
|
A vulnerability was detected in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument AuthMethod/EncrypTy…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-8229
|
2026-05-13 02:37 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1782
|
8.8 |
HIGH
Network
|
wavlink
|
wl-nu516u1_firmware
|
A flaw has been found in Wavlink NU516U1 240425. The impacted element is the function sys_login1 of the file /cgi-bin/login.cgi. Executing a manipulation of the argument ipaddr can lead to os command…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-8230
|
2026-05-13 02:37 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1783
|
9.1 |
CRITICAL
Network
|
php
|
php
|
In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mb_convert_encoding() or related mbstring functions, the code incorrectl…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-6104
|
2026-05-13 02:35 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1784
|
7.5 |
HIGH
Network
|
php
|
php
|
In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, DOMNode::C14N() method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML docu…
|
CWE-404
CWE-835
Improper Resource Shutdown or Release
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2026-7263
|
2026-05-13 02:35 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1785
|
6.5 |
MEDIUM
Network
|
open5gs
|
open5gs
|
A vulnerability was detected in Open5GS up to 2.7.7. The affected element is the function update_authorized_pcc_rule_and_qos of the file /src/smf/npcf-handler.c of the component SMF. The manipulation…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-8248
|
2026-05-13 02:35 |
2026-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1786
|
6.5 |
MEDIUM
Network
|
open5gs
|
open5gs
|
A vulnerability has been found in Open5GS up to 2.7.7. This affects the function smf_n4_build_qos_flow_to_modify_list of the file /src/smf/n4-build.c of the component SMF. Such manipulation leads to …
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-8250
|
2026-05-13 02:35 |
2026-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1787
|
6.5 |
MEDIUM
Network
|
open5gs
|
open5gs
|
A vulnerability was found in Open5GS up to 2.7.7. This impacts the function update_authorized_pcc_rule_and_qos of the file /src/smf/npcf-handler.c of the component SMF. Performing a manipulation resu…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-8251
|
2026-05-13 02:35 |
2026-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1788
|
6.5 |
MEDIUM
Network
|
open5gs
|
open5gs
|
A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function smf_nsmf_handle_create_data_in_hsmf of the component SMF. Executing a manipulation can lead to null pointer dereference…
|
CWE-404
CWE-476
Improper Resource Shutdown or Release
NULL Pointer Dereference
|
CVE-2026-8252
|
2026-05-13 02:34 |
2026-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1789
|
9.1 |
CRITICAL
Network
|
vmware
|
spring_cloud_config
|
Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially cra…
|
CWE-22
Path Traversal
|
CVE-2026-40982
|
2026-05-13 02:30 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1790
|
8.1 |
HIGH
Network
|
vmware
|
spring_cloud_config
|
The base directory (`spring.cloud.config.server.git.basedir`) used by the Spring Cloud Config Server to clone Git repositories to is susceptible to time-of-check-time-of-use (TOCTOU) attacks.
Spring …
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-41002
|
2026-05-13 02:29 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
