CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

118 matches found

EUVD-2026-33917

An authentication bypass vulnerability exists in MISP when LDAP mixed authentication is enabled with OTP enforcement. In deployments configured with LdapAuth.mixedAuth=true and Security.requireotp=true, users authenticated through an authentication plugin, such as LDAP, may have their authenticat...

8.2CVSS5.8AI score0.00073EPSS

Exploits0References1

RedhatCVE•added 2026/05/12 8:20 a.m.•5 views

CVE-2026-8266

A vulnerability was detected in Open5GS up to 2.7.7. This affects the function gsmbuildpdusessionestablishmentaccept of the file /src/smf/gsm-build.c of the component SMF. The manipulation results in denial of service. The attack can be launched remotely. The exploit is now public and may be used...

6.5CVSS5.5AI score0.00014EPSS

Exploits1References1

EUVD•added 2026/05/11 6:31 a.m.•7 views

EUVD-2026-29023

5.3CVSS5.5AI score0.00014EPSS

Exploits1References6

ATTACKERKB•added 2026/05/11 2:45 a.m.•7 views

CVE-2026-8266

5.3CVSS5.5AI score0.00014EPSS

Exploits1References5

Cvelist•added 2026/05/11 2:45 a.m.•34 views

CVE-2026-8266 Open5GS SMF gsm-build.c gsm_build_pdu_session_establishment_accept denial of service

5.3CVSS0.00014EPSS

Exploits1References5

Positive Technologies•added 2026/05/11 12:0 a.m.•7 views

PT-2026-39565

A vulnerability was detected in Open5GS up to 2.7.7. This affects the function gsm build pdu session establishment accept of the file /src/smf/gsm-build.c of the component SMF. The manipulation results in denial of service. The attack can be launched remotely. The exploit is now public and may be...

5.3CVSS5.5AI score0.00014EPSS

Exploits1References6

CNNVD•added 2026/05/07 12:0 a.m.•6 views

GitHub Enterprise Server 访问控制错误漏洞

GitHub Enterprise Server is an open-source application developed by GitHub in the United States. It provides a scalable and easy-to-manage platform by allowing users to set their GitHub instances as virtual devices. Prior to version 3.21 of GitHub Enterprise Server, there was an access control...

6.5CVSS5.9AI score0.00167EPSS

Exploits0References1

EUVD•added 2026/04/03 12:31 a.m.•1 views

EUVD-2022-55960

Hirschmann EagleSDV contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability...

8.7CVSS5.9AI score0.00004EPSS

Exploits0References2

Positive Technologies•added 2026/04/02 12:0 a.m.•2 views

PT-2026-29901

Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service...

8.7CVSS5.9AI score0.00004EPSS

Exploits0References5

OSV•added 2026/02/13 5:16 p.m.•1 views

CVE-2025-70123

An improper input validation and protocol compliance vulnerability in free5GC v4.0.1 allows remote attackers to cause a denial of service. The UPF incorrectly accepts a malformed PFCP Association Setup Request, violating 3GPP TS 29.244. This places the UPF in an inconsistent state where a...

7.5CVSS5.7AI score

Exploits0References1

Vulnrichment•added 2026/02/13 12:0 a.m.•2 views

CVE-2025-70123

5.7AI score0.00291EPSS

Exploits1References1

CVE•added 2026/02/13 12:0 a.m.•7 views

CVE-2025-70123

The CVE-2025-70123 entry concerns free5GC v4.0.1 where an improper input validation and protocol compliance flaw in the UPF allows remote denial-of-service. Specifically, a malformed PFCP Association Setup Request can be accepted, violating 3GPP TS 29.244, placing the UPF in an inconsistent state...

7.5CVSS5.7AI score0.00291EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2026/02/13 12:0 a.m.•2 views

PT-2026-8008

Name of the Vulnerable Software and Affected Versions free5GC version 4.0.1 Description An improper input validation and protocol compliance issue exists in free5GC version 4.0.1. The UPF component incorrectly accepts a malformed PFCP Association Setup Request, violating 3GPP TS 29.244. This lead...

7.5CVSS5.5AI score0.00291EPSS

Exploits1References5

Snyk•added 2026/02/06 2:47 a.m.•1 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the establishPfcpSession function. An attacker can cause a denial of service by sending specially crafted requests that trigger a null pointer dereference in the SMF component. Remediation Upgrade...

7.5CVSS6.1AI score0.00119EPSS

Exploits1References2

Cvelist•added 2026/02/06 1:32 a.m.•26 views

CVE-2026-1973 Free5GC SMF establishPfcpSession null pointer dereference

A vulnerability was determined in Free5GC up to 4.1.0. The impacted element is the function establishPfcpSession of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. I...

6.9CVSS0.00119EPSS

Exploits1References7

CVE•added 2026/02/06 1:32 a.m.•5 views

CVE-2026-1973

The CVE-2026-1973 entry affects Free5GC, specifically the SMF component function establishPfcpSession, with a null pointer dereference vulnerability reported up to version 4.1.0. Publicly disclosed exploit details indicate remote feasibility. Affected releases include Free5GC up to 4.1.0, with so...

7.5CVSS5.4AI score0.00119EPSS

Exploits1References7Affected Software1

RedhatCVE•added 2026/01/16 9:33 p.m.•5 views

CVE-2026-21918

A Double Free vulnerability in the flow processing daemon flowd of Juniper Networks Junos OS on SRX and MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On all SRX and MX Series platforms, when during TCP session establishment a specific sequence of...

8.7CVSS6.9AI score0.00021EPSS

Exploits0References1