Lucene search
K

90 matches found

Cvelist
Cvelist
added 2026/06/01 12:0 a.m.33 views

CVE-2026-37231

FlexRIC v2.0.0 uses a uint16t counter for xappid assignment but stores the value in uint32t message fields. After 65,530+ E42SETUPREQUESTs, the 16-bit counter wraps around and produces duplicate xappids. The iApp port 36422 crashes when attempting to register a duplicate ID in its internal data...

0.00488EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.19 views

PT-2026-45430

FlexRIC v2.0.0 crashes when an SCTP association is closed before an E2 SETUP REQUEST is sent. The near-RT RIC assumes a mapping between SCTP association and E2 node always exists in the cleanup path and enforces this via assert. A remote unauthenticated attacker can crash the near-RT RIC port 364...

5.8AI score0.00347EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/01 12:0 a.m.11 views

CVE-2026-37220

FlexRIC v2.0.0 crashes when an SCTP association is closed before an E2SETUPREQUEST is sent. The near-RT RIC assumes a mapping between SCTP association and E2 node always exists in the cleanup path and enforces this via assert. A remote unauthenticated attacker can crash the near-RT RIC port 36421...

5.8AI score0.00347EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability arises from the use of the assert function to enforce mapping relationships before sending the E2SETUPREQUEST message. This could allow remote...

7.5CVSS5.4AI score0.00347EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/26 2:13 p.m.10 views

CVE-2026-9300

A vulnerability has been found in omec-project amf up to 2.1.1. This affects an unknown part of the component NGSetupRequest Handler. Such manipulation leads to memory corruption. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. It is best practic...

6.5CVSS6AI score0.00228EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/23 1:42 p.m.12 views

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow in the NGSetupRequest process. An attacker can cause memory corruption and potentially compromise confidentiality, integrity, and availability by sending specially crafted requests remotely. Remediation Upgrade...

6.5CVSS6.6AI score0.00228EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/23 11:45 a.m.9 views

CVE-2026-9300

A vulnerability has been found in omec-project amf up to 2.1.1. This affects an unknown part of the component NGSetupRequest Handler. Such manipulation leads to memory corruption. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. It is best practic...

6.5CVSS6AI score0.00228EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/05/23 11:45 a.m.11 views

EUVD-2026-31534

A vulnerability has been found in omec-project amf up to 2.1.1. This affects an unknown part of the component NGSetupRequest Handler. Such manipulation leads to memory corruption. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. It is best practic...

6.5CVSS6AI score0.00228EPSS
Exploits0References6
Snyk
Snyk
added 2026/05/18 3:42 a.m.7 views

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds via the NGSetupRequest function in the ngap/handler.go file when processing the InformationElement argument. An attacker can cause memory corruption by sending specially crafted requests remotely. Remediation Upgrade...

5.3CVSS5.8AI score0.00303EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/18 3:31 a.m.11 views

AMF Improperly Restricts Operations within the Bounds of a Memory Buffer

A vulnerability was determined in omec-project amf up to 2.1.3-dev. Impacted is the function NGSetupRequest of the file ngap/handler.go. Executing a manipulation of the argument InformationElement can lead to memory corruption. The attack can be launched remotely. The exploit has been publicly...

5.3CVSS5.4AI score0.00303EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2026/05/18 2:16 a.m.23 views

CVE-2026-8779

A vulnerability was determined in omec-project amf up to 2.1.3-dev. Impacted is the function NGSetupRequest of the file ngap/handler.go. Executing a manipulation of the argument InformationElement can lead to memory corruption. The attack can be launched remotely. The exploit has been publicly...

5.3CVSS0.00303EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.11 views

amf 缓冲区错误漏洞

AMF is an open-source library under the Apache License, developed by Free5GC. Versions of AMF such as 2.1.3-dev and earlier contain a buffer error vulnerability. This vulnerability arises from the operation of the NGSetupRequest function in the ngap/handler.go file, which leads to memory corrupti...

5.3CVSS6AI score0.00303EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/28 6:35 p.m.9 views

CVE-2026-31256

A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931n. During the processing of a SETUP request for the path rtsp://:554/stream1/track2, the device fails to properly validate the Transport header field. When this header is...

7.5CVSS5.3AI score0.00407EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/28 1:22 a.m.7 views

CVE-2026-35901

A handling issue in the RTSP service of the Mercury MIPC252W 1.0.5 Build 230306 Rel.79931n allows an authenticated attacker to trigger session termination by repeatedly sending SETUP requests for the same media track within a single RTSP session. This causes the server to reset the RTSP connectio...

4.4CVSS5.3AI score0.00247EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/27 12:0 a.m.3 views

CVE-2026-31256

A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931n. During the processing of a SETUP request for the path rtsp://:554/stream1/track2, the device fails to properly validate the Transport header field. When this header is...

5.3AI score0.00407EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/27 12:0 a.m.10 views

CVE-2026-31256

A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931n. During the processing of a SETUP request for the path rtsp://:554/stream1/track2, the device fails to properly validate the Transport header field. When this header is...

5.3AI score0.00407EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.12 views

Mercury MIPC252W 安全漏洞

The Mercury MIPC252W is a high-definition network monitoring camera from the China Mercury company, capable of wireless connectivity. The version MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931n contains a security vulnerability. This vulnerability arises from the RTSP service improperly verifying...

7.5CVSS5.8AI score0.00407EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.8 views

PT-2026-35507

A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931n. During the processing of a SETUP request for the path rtsp://:554/stream1/track2, the device fails to properly validate the Transport header field. When this header is...

5.3AI score0.00407EPSS
Exploits1References4
EUVD
EUVD
added 2026/04/27 12:0 a.m.8 views

EUVD-2026-25899

A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931n. During the processing of a SETUP request for the path rtsp://:554/stream1/track2, the device fails to properly validate the Transport header field. When this header is...

5.3AI score0.00407EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/07 5:6 p.m.4 views

CVE-2026-5661

A vulnerability was identified in Free5GC 4.2.0. This affects an unknown function of the component NGSetupRequest Handler. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit is publicly available and might be used...

6.9CVSS5.6AI score0.00419EPSS
Exploits0References1
Rows per page
Query Builder