Security Vulnerabilities - CVEs Published In April 2024
Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index out-of-range condition in putBitString.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-04-30
O-RAN RICAPP kpimon-go I-Release has a segmentation violation via a certain E2AP-PDU message.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-04-30
O-RAN RIC I-Release e2mgr lacks array size checks in RicServiceUpdateHandler.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-04-30
O-RAN RIC I-Release e2mgr lacks array size checks in E2nodeConfigUpdateNotificationHandler.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-04-30
Open Networking Foundation SD-RAN Rimedo rimedo-ts 0.1.1 has a slice bounds out-of-range panic in "return plmnIdString[0:3], plmnIdString[3:]" in reader.go.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-04-30
Open Networking Foundation SD-RAN Rimedo rimedo-ts 0.1.1 has a slice bounds out-of-range panic in "return uint64(b[2])<<16 | uint64(b[1])<<8 | uint64(b[0])" in reader.go.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-04-30
Cross Site Scripting vulnerability in DedeCMS v.5.7.113 allows a remote attacker to run arbitrary code via the mnum parameter.
CVSS Score
4.4
EPSS Score
0.001
Published
2024-04-29
Limbas up to v5.2.14 was discovered to contain a SQL injection vulnerability via the ftid parameter.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-04-29
Directory Traversal vulnerability in TaoCMS v.3.0.2 allows a remote attacker to execute arbitrary code and obtain sensitive information via the include/model/file.php component.
CVSS Score
9.8
EPSS Score
0.069
Published
2024-04-29
File Upload vulnerability in CubeCart before 6.5.5 allows an authenticated user to execute arbitrary code via a crafted .phar file.
CVSS Score
8.0
EPSS Score
0.001
Published
2024-04-29