CVE-2026-8730

A flaw has been found in Open5GS up to 2.7.6. This impacts the function ogssbinfinstancesetid in the library /lib/sbi/context.c of the component NRF. Executing a manipulation of the argument nfInstanceId can lead to denial of service. The attack may be performed from remote. The exploit has been...

PT-2026-41536

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function ogs sbi subscription data add/ogs sbi nf service add in the library /lib/sbi/context.c of the component NRF. Executing a manipulation can lead to denial of service. It is possible to launch the attack remotely. The...

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the ogssbisubscriptiondataadd and ogssbinfserviceadd functions i...

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.6 and earlier contain security vulnerabilities. These vulnerabilities stem from the ranuefindbyamfuengapid function in the context.c file of the...

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.7.7 and earlier, which stems from the incorrect operation of the parameter ipv6Prefix by the bsfsessfindbyipv6prefix...

CVE-2026-7319

A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function getcontextfilepath of the file src/executionsystemmcp/server.py of the component addaction Tool. This manipulation of the argument context causes path traversal. The attack can be initiated remotely...

CVE-2026-7319

CVE-2026-7319 affects elinsky execution-system-mcp 0.1.0. The vulnerability is in the function _get_context_file_path (src/execution_system_mcp/server.py, add_action Tool), where improper handling of the context argument enables path traversal. Attack can be initiated remotely; the exploit has be...

CVE-2026-7319 elinsky execution-system-mcp add_action Tool server.py _get_context_file_path path traversal

A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function getcontextfilepath of the file src/executionsystemmcp/server.py of the component addaction Tool. This manipulation of the argument context causes path traversal. The attack can be initiated remotely...

EUVD-2026-26156

A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function getcontextfilepath of the file src/executionsystemmcp/server.py of the component addaction Tool. This manipulation of the argument context causes path traversal. The attack can be initiated remotely...

CVE-2026-7319 elinsky execution-system-mcp add_action Tool server.py _get_context_file_path path traversal

A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function getcontextfilepath of the file src/executionsystemmcp/server.py of the component addaction Tool. This manipulation of the argument context causes path traversal. The attack can be initiated remotely...

Execution System MCP Server 路径遍历漏洞

The Execution System MCP Server is an AI-native execution system server developed by Brian Elinsky. Version 0.1.0 of the Execution System MCP Server contains a path traversal vulnerability. This vulnerability arises from the parameter context in the getcontextfilepath function of the addaction...

Privilege Escalation

Signify is vulnerable to Privilege Escalation. The vulnerability is due to improper Authenticode signature validation in signeddata.py and context.py, where a remote attacker can escalate privileges via these components and exploit the vulnerability to gain elevated access...

GHSA-P4HH-MQ57-GQ8X Signify allows a remote attacker to escalate privileges via the signed_data.py and the context.py components

An issue in ralphje Signify before v.0.9.2 allows a remote attacker to escalate privileges via the signeddata.py and the context.py components...

CVE-2026-20062

A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance ASA Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration files. This...

CVE-2026-20062

A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance ASA Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration files. This...

CVE-2025-15531 Open5GS context.c sgwc_bearer_add assertion

A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwcbeareradd of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...

CVE-2025-15531 Open5GS context.c sgwc_bearer_add assertion

A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwcbeareradd of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...

EUVD-2025-20262

Marvell QConvergeConsole compressDriverFiles Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability...

CVE-2022-40890

A vulnerability in /src/amf/amf-context.c in Open5GS 2.4.10 and earlier leads to AMF denial of service...

SUSE CVE-2012-3355

1 AlbumTab.py, 2 ArtistTab.py, 3 LinksTab.py, and 4 LyricsTab.py in the Context module in GNOME Rhythmbox 0.13.3 and earlier allows local users to execute arbitrary code via a symlink attack on a temporary HTML template file in the /tmp/context directory...