Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-158 (空字节或NULL字符转义处理不恰当) — Vulnerability Class 19

19 vulnerabilities classified as CWE-158 (空字节或NULL字符转义处理不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-33191 free5GC UDM vulnerable to null byte injection in URL path parameters causing 500 Internal Server Error — free5gc 7.5 -2026-03-20
CVE-2026-4359 Heap-buffer-over-read in _mongoc_http_send via strstr on non-null-terminated buffer — MongoDB C Driver 2.0 Low2026-03-17
CVE-2026-28540 Huawei HarmonyOS 缓冲区错误漏洞 — HarmonyOS 4.0 Medium2026-03-05
CVE-2025-14388 PhastPress <= 3.7 - Unauthenticated Arbitrary File Read via Null Byte Injection — PhastPress 9.8 Critical2025-12-23
CVE-2025-66263 Unauthenticated Arbitrary File Read via Null Byte Injection — Mozart FM Transmitter 7.5AIHighAI2025-11-26
CVE-2025-61985 OpenSSH 安全漏洞 — OpenSSH 3.6 Low2025-10-06
CVE-2025-9648 Denial of Service in CivetWeb — CivetWeb 7.5 -2025-09-29
CVE-2025-55113 BMC Control-M/Agent unescaped NULL byte in access control list checks — Control-M/Agent 9.0 Critical2025-09-16
CVE-2025-47812 Wing FTP Server 7.4.3及 安全漏洞 — Wing FTP Server 10.0 Critical2025-07-10
CVE-2024-10921 Improper neutralization of null bytes may lead to buffer over-reads in MongoDB Server — MongoDB Server 6.8 Medium2024-11-14
CVE-2024-9026 PHP-FPM logs from children may be altered — PHP 3.3 Low2024-10-08
CVE-2024-0408 Xorg-x11-server: selinux unlabeled glx pbuffer 5.5 Medium2024-01-18
CVE-2023-5719 Red Lion Crimson Improper Neutralization of Null Byte or NUL Character — Crimson 8.8 High2023-11-06
CVE-2022-31223 Dell BIOS 安全漏洞 — CPG BIOS 2.3 Low2022-09-12
CVE-2022-20813 Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities — Cisco TelePresence Video Communication Server (VCS) Expressway 9.0 Critical2022-07-06
CVE-2022-20812 Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities — Cisco TelePresence Video Communication Server (VCS) Expressway 9.0 Critical2022-07-06
CVE-2020-7928 Improper neutralization of null byte leads to read overrun — MongoDB Server 6.5 Medium2020-11-23
CVE-2020-14500 IMPROPER NEUTRALIZATION OF NULL BYTE OR NUL CHARACTER CWE-158 — Secomea GateManager all versions prior to 9.2c 10.0 Critical2020-08-25
CVE-2020-5363 多款Dell产品安全漏洞 — Dell Client Consumer and Commercial platforms 8.6 High2020-06-10

Vulnerabilities classified as CWE-158 (空字节或NULL字符转义处理不恰当) represent 19 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.