27 matches found
ALPINE-CVE-2026-42012
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier (URI) or Service (SRV) Subject Alternative Names (SANs). This could cause the certificate validation process to incorrectly fall back to...
gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier (URI) or Service (SRV) Subject Alternative Names (SANs). This could cause the certificate validation process to incorrectly fall back to...
CVE-2026-8729
A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the library /lib/sbi/message.c of the component NRF. Performing a manipulation of the argument service-names/snssais results in denial of service. The attack is possible to be carried out remotely. The exploi...
CVE-2026-8729 Open5GS NRF message.c denial of service
A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the library /lib/sbi/message.c of the component NRF. Performing a manipulation of the argument service-names/snssais results in denial of service. The attack is possible to be carried out remotely. The exploi...
CVE-2026-8729
A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the library /lib/sbi/message.c of the component NRF. Performing a manipulation of the argument service-names/snssais results in denial of service. The attack is possible to be carried out remotely. The exploi...
EUVD-2026-30679
A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the library /lib/sbi/message.c of the component NRF. Performing a manipulation of the argument service-names/snssais results in denial of service. The attack is possible to be carried out remotely. The exploi...
CVE-2026-8729 Open5GS NRF message.c denial of service
A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the library /lib/sbi/message.c of the component NRF. Performing a manipulation of the argument service-names/snssais results in denial of service. The attack is possible to be carried out remotely. The exploi...
CVE-2026-8729
CVE-2026-8729 affects Open5GS (up to 2.7.7) in the NRF component, specifically the function in /lib/sbi/message.c. Manipulating the argument service-names/snssais can trigger a denial of service. The issue is exploitable remotely, and the exploit is publicly available. The reports indicate the pr...
Open5GS Security Vulnerability
Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from unknown functions in the NRF component’s...
EUVD-2026-28480
A vulnerability was found in Open5GS up to 2.7.7. This affects the function ogs_sbi_discovery_option_add_service_names in the library /lib/sbi/message.c of the component NSSF. The manipulation results in denial of service. The attack may be performed from remote. The exploit has been made public and...
CVE-2026-8122
A vulnerability was found in Open5GS up to 2.7.7. This affects the function ogs_sbi_discovery_option_add_service_names in the library /lib/sbi/message.c of the component NSSF. The manipulation results in denial of service. The attack may be performed from remote. The exploit has been made public and...
CVE-2026-8122 Open5GS NSSF message.c ogs_sbi_discovery_option_add_service_names denial of service
A vulnerability was found in Open5GS up to 2.7.7. This affects the function ogs_sbi_discovery_option_add_service_names in the library /lib/sbi/message.c of the component NSSF. The manipulation results in denial of service. The attack may be performed from remote. The exploit has been made public and...
PT-2026-38606
Name of the Vulnerable Software and Affected Versions: Open5GS versions prior to 2.7.8. Description: A remote denial of service issue exists in the NSSF component. The flaw is located in the ogs_sbi_discovery_option_add_service_names function within the /lib/sbi/message.c library, where specific...
CVE-2026-33276
CVE-2026-33276: Stored XSS in Checkmk 2.5.0 (beta) before 2.5.0b2 allows authenticated users who can create hosts or services to inject/execute JavaScript in other users’ browsers during Unified Search. Affected component is the Unified Search feature; vulnerability arises from unescaped host/ser...
CVE-2026-33276 XSS in Unified Search via Unescaped Host/Service Names
Stored cross-site scripting (XSS) in Checkmk 2.5.0 (beta) before 2.5.0b2 allows authenticated users with permission to create hosts or services to execute arbitrary JavaScript in the browsers of other users performing searches in the Unified Search feature...
SUSE CVE-2017-11103
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored i...
CVE-2022-40716
A flaw was found in the HashiCorp Consul package. In the affected versions of this package, a specially crafted CSR sent directly to Consul’s internal server agent RPC endpoint can include multiple SAN URI values with additional service names...
DEBIAN-CVE-2017-11103
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored i...
ALPINE-CVE-2017-11103
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored i...
Wireshark 2.2.x < 2.2.1 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 2.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.1 advisory. - In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture file. Th...