16 matches found
EUVD-2026-33700
FlexRIC v2.0.0 contains reachable assert0 calls in stub message handlers for whitelisted but unimplemented E2AP message types in the near-RT RIC. A remote unauthenticated attacker can send a decodable E2AP PDU of such a type e.g., E2nodeConfigurationUpdate to crash the near-RT RIC process port...
FlexRIC 安全漏洞
FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability stems from the assertion in the e2aprecvsctpmsg function, where assertrc len is used. This could allow unauthorized remote attackers to send SCT...
CVE-2026-37228
FlexRIC v2.0.0 contains a reachable assertion in e2aprecvsctpmsg src/lib/ep/e2apep.c. The function allocates a fixed 32KB receive buffer and enforces assertrc = 32,768 bytes to crash the near-RT RIC, iApp, E2 Agent, or xApp process via SIGABRT. No valid E2AP PDU is required. All four SCTP endpoin...
SUSE-SU-2026:21424-1 Security update for glibc-livepatches
This update for glibc-livepatches fixes the following issue: - CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261209...
kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
A flaw out of boundary read in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system...
Linux Distros Unpatched Vulnerability : CVE-2022-0435
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of...
H3C N12 V100R005 安全漏洞
The H3C N12 V100R005 is a wireless router from China's Xinhua San H3C. A security vulnerability exists in the H3C N12 V100R005 version that stems from a lack of length validation in the MAC address update function, which could allow an attacker to crash a remote target device or execute arbitrary...
PT-2024-35487
Name of the Vulnerable Software and Affected Versions Bitcoin Core versions prior to 22.0 Bitcoin Core versions 27.x Description The issue is caused by an integer overflow in CAddrMan's nIdCount via a flood of addr messages, leading to an assertion failure and daemon exit. This can be exploited t...
PT-2024-31875 · Unknown · Lan Messenger
Name of the Vulnerable Software and Affected Versions: LAN Messenger version 3.4.0 Description: The issue is a remote denial of service vulnerability that allows an attacker to crash the LAN Messenger service. This is achieved by sending a long string directly and continuously over the UDP...
PT-2024-2315 · Siemens · Cerberus Pro En Fire Panel Fc72X Ip7 +21
Name of the Vulnerable Software and Affected Versions: Cerberus PRO EN Engineering Tool versions prior to MP4 Cerberus PRO EN Fire Panel FC72x IP6 versions prior to IP8 SR4 Cerberus PRO EN Fire Panel FC72x IP7 versions prior to IP8 SR4 Cerberus PRO EN Fire Panel FC72x IP8 versions prior to IP8 SR...
SUSE CVE-2015-4604
The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service application crash or possibly...
SUSE CVE-2022-21427
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: FTS. Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
PT-2021-17165 · Asterisk +2 · Asterisk +2
Name of the Vulnerable Software and Affected Versions: Asterisk versions 13.38.1 and earlier, 14.x, 15.x, 16.x through 16.16.0, 17.x through 17.9.1, and 18.x through 18.2.0 Certified Asterisk versions 16.8-cert5 and earlier Description: An issue in res pjsip session.c allows a remote server to...
tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c
An out-of-bounds read vulnerability was discovered in tcpdump while printing LMP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...
ntp: incomplete checks in ntp_crypto.c
It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntpcrypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker could use a specially...
security flaw
raddecode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service crash via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute...