Lucene search
K

9 matches found

CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

Open5GS 授权问题漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for Lte/Nr networks. Versions of Open5GS 2.7.6 and earlier contained vulnerabilities related to authorization. These vulnerabilities were caused by an unknown function in the file...

7.5CVSS7AI score0.00419EPSS
Exploits0References7
CVE
CVE
added 2026/05/28 6:45 a.m.24 views

CVE-2026-6427

The WordPress plugin a3 Lazy Load (versions ≤ 2.7.6) is vulnerable to Stored XSS via crafted markup. A regex bug in _filter_videos() misquotes HTML attributes and, with unescaped output in admin/views/form-data.php, allows an authenticated Contributor to inject a script that executes in any view...

6.4CVSS5.8AI score0.00291EPSS
Exploits0References8
CVE
CVE
added 2026/03/16 1:32 p.m.14 views

CVE-2026-4240

Open5GS CVE-2026-4240 affects the CCA Handler in versions up to 2.7.6. The vulnerable functions are smf_gx_cca_cb, smf_gy_cca_cb, smf_s6b_aaa_cb, and smf_s6b_sta_cb. Root cause: improper handling in the CCA Handler leads to denial of service. Impact is remote, with no authentication required for ...

7.5CVSS5.6AI score0.00534EPSS
Exploits1References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/06 6:32 p.m.6 views

CVE-2026-2062

A vulnerability was identified in Open5GS up to 2.7.6. This affects the function sgwcs5chandlemodifybearerresponse/sgwcsxahandlesessionmodificationresponse of the component PGW S5U Address Handler. The manipulation leads to null pointer dereference. The attack can be initiated remotely. The explo...

6.9CVSS5AI score0.00652EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/01/01 11:32 p.m.32 views

CVE-2025-15418 Open5GS Bearer QoS IE Length types.c ogs_gtp2_parse_bearer_qos denial of service

A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function ogsgtp2parsebearerqos in the library lib/gtp/v2/types.c of the component Bearer QoS IE Length Handler. Performing a manipulation results in denial of service. The attack must be initiated fr...

4.8CVSS0.00167EPSS
Exploits1References8
GithubExploit
GithubExploit
added 2025/11/09 10:53 a.m.189 views

Exploit for Reachable Assertion in Open5Gs

Open5GS-CVE-2025-41067-CVE-2025-41068-PoC This repository cont...

8.7CVSS6.7AI score0.00391EPSS
Exploits1
OSV
OSV
added 2025/02/28 7:15 a.m.5 views

CVE-2025-1571

The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text and Image Comparison Widgets in all versions up to, and including, 2.7.6 due to insufficient input sanitization and output escaping on user supplied attributes. This...

5.4CVSS5.9AI score0.0027EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2022/02/01 12:0 a.m.4 views

VulnCheck KEV: CVE-2022-0441

The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin...

9.8CVSS7.3AI score0.84943EPSS
Exploits8References1
RedHat Linux
RedHat Linux
added 2017/08/01 3:38 p.m.5 views

dnsmasq: Improper bounds checking leads to a buffer overread

Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491...

7.5CVSS7.3AI score0.01705EPSS
Exploits1References4
Rows per page
Query Builder