CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2025-23219 WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adic... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-37037 A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to cr... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-23220 WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adic... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-23086 On most desktop platforms, Brave Browser versions 1.70.x-1.73.x included a feature to show a site's origin on the OS-provided file selector dialog when a site prompts the user to upload or download a ... | 6.1 | MEDIUM | — | 0 |
| CVE-2024-21245 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Business Logic Infra SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable v... | 5.4 | MEDIUM | — | 0 |
| CVE-2024-55959 Northern.tech Mender Client 4.x before 4.0.5 has Insecure Permissions. | 9.1 | CRITICAL | — | 0 |
| CVE-2024-57360 https://www.gnu.org/software/binutils/ nm >=2.43 is affected by: Incorrect Access Control. The type of exploitation is: local. The component is: `nm --without-symbol-version` function. | 5.5 | MEDIUM | — | 0 |
| CVE-2025-21507 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerabil... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-21508 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerabil... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-21509 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerabil... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-21510 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerabil... | 7.5 | HIGH | — | 0 |
| CVE-2025-21511 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerabil... | 7.5 | HIGH | — | 0 |
| CVE-2025-21512 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerabil... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-21513 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerabil... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-21514 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerabil... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-21515 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerabil... | 8.8 | HIGH | — | 0 |
| CVE-2025-21517 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerabil... | 4.3 | MEDIUM | — | 0 |
| CVE-2025-21524 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploit... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-21527 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Design Tools SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerabi... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-21538 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.2. Easily exploitable vulnerabil... | 6.1 | MEDIUM | — | 0 |
| CVE-2024-24445 OpenAirInterface CN5G AMF (oai-cn5g-amf) <= 2.0.0 contains a null dereference in its handling of unsupported NGAP protocol messages which allows an attacker with network-adjacent access to the AMF to ... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-37024 A reachable assertion in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME with an ... | 7.5 | HIGH | — | 0 |
| CVE-2023-37026 A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to cr... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-37027 Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to cras... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-37028 A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to cr... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-37030 A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to cr... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-37031 A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to cr... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-37032 A Stack-based buffer overflow in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME ... | 7.5 | HIGH | — | 0 |
| CVE-2023-37033 A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to cr... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-37034 A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to cr... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-37036 A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to cr... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-37038 A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to cr... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-24416 The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_access_point_name_ie function at /3gpp/3gp... | 7.5 | HIGH | — | 0 |
| CVE-2024-24417 The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_protocol_configuration_options function at... | 7.5 | HIGH | — | 0 |
| CVE-2024-24418 The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_pdn_address function at /nas/ies/PdnAddres... | 7.5 | HIGH | — | 0 |
| CVE-2024-24419 The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_traffic_flow_template_packet_filter functi... | 7.5 | HIGH | — | 0 |
| CVE-2024-24422 The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a stack overflow in the decode_protocol_configuration_options function at ... | 7.5 | HIGH | — | 0 |
| CVE-2024-24423 The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_esm_message_container function at /nas/ies... | 7.5 | HIGH | — | 0 |
| CVE-2024-24424 A reachable assertion in the decode_access_point_name_ie function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to cause a Denial of Service (DoS) ... | 7.5 | HIGH | — | 0 |
| CVE-2023-37039 A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allow network-adjacent attackers to cra... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-23087 Rejected reason: This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities | N/A | NONE | — | 0 |
| CVE-2025-23088 Rejected reason: This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities | N/A | NONE | — | 0 |
| CVE-2025-23089 Rejected reason: This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities | N/A | NONE | — | 0 |
| CVE-2024-13496 The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versio... | 7.5 | HIGH | — | 0 |
| CVE-2025-0604 A flaw was found in Keycloak. When an Active Directory user resets their password, the system updates it without performing an LDAP bind to validate the new credentials against AD. This vulnerability ... | 5.4 | MEDIUM | — | 0 |
| CVE-2024-31903 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deseriali... | 8.8 | HIGH | — | 0 |
| CVE-2024-55957 In Thermo Fisher Scientific Xcalibur before 4.7 SP1 and Thermo Foundation Instrument Control Software (ICSW) before 3.1 SP10, the driver packages have a local privilege escalation vulnerability due to... | 7.8 | HIGH | — | 0 |
| CVE-2023-32340 IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering th... | 4.6 | MEDIUM | — | 0 |
| CVE-2023-50309 IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte... | 6.4 | MEDIUM | — | 0 |
| CVE-2024-13422 The SEO Blogger to WordPress Migration using 301 Redirection plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' parameter in all versions up to, and including, 0.4.8 du... | 6.1 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.