Lucene search
K

7041 matches found

CVE
CVE
added 2025/07/12 6:32 p.m.22 views

CVE-2025-7485

CVE-2025-7485 affects Open5GS up to 2.7.3. The vulnerability lies in the SCTP Partial Message Handler, specifically the ngap_recv_handler/s1ap_recv_handler/recv_handler functions, where input manipulation leads to a reachable assertion. Exploitation requires local access. The patch cfa44575020f3f...

4.8CVSS4AI score0.00198EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2025/07/11 7:57 p.m.8 views

static-alloc vulnerability leads to uninitialized read after allocating MemBump

The affected function, MemBump::new, would allocate memory without initializing it. Subsequently calling the created value's various allocmethods would then read and write the start of that memory as a Cell which isundefined behavior. Instead, it should zero initialize the start of the allocated...

6.9AI score
Exploits0References4Affected Software1
OSV
OSV
added 2025/07/11 7:57 p.m.3 views

GHSA-XRRQ-RRGQ-H89W static-alloc vulnerability leads to uninitialized read after allocating MemBump

The affected function, MemBump::new, would allocate memory without initializing it. Subsequently calling the created value's various allocmethods would then read and write the start of that memory as a Cell which isundefined behavior. Instead, it should zero initialize the start of the allocated...

6.9AI score
Exploits0References4
NVD
NVD
added 2025/07/11 3:15 p.m.4 views

CVE-2025-52964

A Reachable Assertion vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When the device receives a specific BGP UPDATE packet, the rpd crashes and restarts...

7.1CVSS0.00259EPSS
Exploits0References1
OSV
OSV
added 2025/07/11 12:0 p.m.2 views

RUSTSEC-2025-0042 Uninitialized read after allocating MemBump

The affected function, MemBump::new, would allocate memory without initializing it. Subsequently calling the created value's various alloc methods would then read and write the start of that memory as a Cell which is undefined behavior. Instead, it should zero initialize the start of the allocate...

6.9AI score
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/07/11 7:0 a.m.2 views

Nbd: nbdkit: integer overflow triggers an assertion resulting in denial of service

...

6.5CVSS7AI score0.0037EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/07/11 7:0 a.m.4 views

DNS message with invalid TSIG causes an assertion failure

...

7.5CVSS7AI score0.11727EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2025/07/11 12:0 a.m.2 views

PT-2025-30366 · Crates.Io · Static-Alloc

The affected function, MemBump::new, would allocate memory without initializing it. Subsequently calling the created value's various allocmethods would then read and write the start of that memory as a Cell which isundefined behavior. Instead, it should zero initialize the start of the allocated...

7AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/07/11 12:0 a.m.3 views

PT-2025-30314 · Crates.Io · Static-Alloc

The affected function, MemBump::new, would allocate memory without initializing it. Subsequently calling the created value's various alloc methods would then read and write the start of that memory as a Cell which is undefined behavior. Instead, it should zero initialize the start of the allocate...

7AI score
Exploits0References4
CNNVD
CNNVD
added 2025/07/11 12:0 a.m.6 views

Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 安全漏洞

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc.Juniper Networks Junos OS is a network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper...

7.1CVSS6.6AI score0.00259EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/11 12:0 a.m.8 views

Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 安全漏洞

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc.Juniper Networks Junos OS is a network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper...

6CVSS6.6AI score0.00211EPSS
Exploits0References2
OSV
OSV
added 2025/07/10 8:15 a.m.5 views

AZL-64884 CVE-2025-38274 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: fpga: fix potential null pointer deref in fpgamgrtestimgloadsgt fpgamgrtestimgloadsgt allocates memory for sgt using kunitkzalloc however it does not check if the allocation failed. It then passes sgt to sgalloctable, which passe...

5.5CVSS5.6AI score0.00155EPSS
Exploits0References1
OSV
OSV
added 2025/07/10 8:15 a.m.3 views

UBUNTU-CVE-2025-38287

In the Linux kernel, the following vulnerability has been resolved: IB/cm: Drop lockdep assert and WARN when freeing old msg The send completion handler can run after cmid has advanced to another message. The cmid lock is not needed in this case, but a recent change re-used cmfreeprivmsg, which...

5.7CVSS6AI score0.00137EPSS
Exploits0References12
OSV
OSV
added 2025/07/10 8:15 a.m.4 views

UBUNTU-CVE-2025-38274

In the Linux kernel, the following vulnerability has been resolved: fpga: fix potential null pointer deref in fpgamgrtestimgloadsgt fpgamgrtestimgloadsgt allocates memory for sgt using kunitkzalloc however it does not check if the allocation failed. It then passes sgt to sgalloctable, which passe...

5.5CVSS5.8AI score0.00155EPSS
Exploits0References30
OSV
OSV
added 2025/07/10 7:42 a.m.5 views

CVE-2025-38287 IB/cm: Drop lockdep assert and WARN when freeing old msg

In the Linux kernel, the following vulnerability has been resolved: IB/cm: Drop lockdep assert and WARN when freeing old msg The send completion handler can run after cmid has advanced to another message. The cmid lock is not needed in this case, but a recent change re-used cmfreeprivmsg, which...

5.5CVSS6.4AI score0.00137EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2025/07/10 12:0 a.m.19 views

mod_http2 -- Multiple vulnerabilities

The modhttp2 project reports: a client can increase memory consumption for a HTTP/2 connection via repeated request header names,leading to denial of service certain proxy configurations whith modproxyhttp2 as the backend, an assertion can be triggered by certain requests, leading to denial of...

7.5CVSS7.2AI score0.04409EPSS
Exploits1References1
OSV
OSV
added 2025/07/04 2:42 p.m.2 views

OESA-2025-1725 qt6-qtbase security update

Qt is a software toolkit for developing applications. Security Fixes: An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that...

8.4CVSS6.7AI score0.00309EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/03 12:22 p.m.9 views

CVE-2025-6952

A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function amfstateoperational of the file src/amf/amf-sm.c of the component AMF Service. The manipulation leads to reachable assertion. It is possible to launch the attack on the loc...

4.8CVSS4AI score0.00185EPSS
Exploits1References1
NVD
NVD
added 2025/07/01 12:15 p.m.5 views

CVE-2025-6952

A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function amfstateoperational of the file src/amf/amf-sm.c of the component AMF Service. The manipulation leads to reachable assertion. It is possible to launch the attack on the loc...

4.8CVSS0.00185EPSS
Exploits1References6
OSV
OSV
added 2025/07/01 12:15 p.m.6 views

CVE-2025-6952

A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function amfstateoperational of the file src/amf/amf-sm.c of the component AMF Service. The manipulation leads to reachable assertion. It is possible to launch the attack on the loc...

4.8CVSS3.8AI score
Exploits0References6
Rows per page
Query Builder