7041 matches found
CVE-2025-29339
An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid value propagated from SMF or via direct attack, triggerin...
The vulnerability of the SAML (Security Assertion Markup Language) technology in the PAN-OS operating system allows a perpetrator to increase their privileges.
The vulnerability of the SAML Security Assertion Markup Language technology in the PAN-OS operating system is related to improper session management. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...
PT-2025-22159
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.124 Description A bug in the Linux kernel has been resolved, specifically in the wifi plfxlc module. The plfxlc mac release function incorrectly asserts that mac-lock is held, which is not valid behavior. Thi...
CVE-2025-29339
An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid value propagated from SMF or via direct attack, triggerin...
CVE-2025-29339
An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid value propagated from SMF or via direct attack, triggerin...
CVE-2025-29339
An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid value propagated from SMF or via direct attack, triggerin...
Open5GS 安全漏洞
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. An input validation error vulnerability exists in Open5GS v2.7.2 and earlier versions, which stems from a PFCP session parameter validation failure, and can be exploited b...
PT-2025-17557 · Open5Gs · Open5Gs Upf
Name of the Vulnerable Software and Affected Versions: Open5GS UPF versions up to v2.7.2 Description: The issue results in an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type = 0, the UPF fails to handle the...
Medium: glibc
Issue Overview: When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size. CVE-2025-0395 Affected...
glibc: buffer overflow in the GNU C Library's assert()
A flaw was found in the GNU C Library glibc. A buffer overflow condition via the assert function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading t...
CVE-2025-30354
Bruno is an open source IDE for exploring and testing APIs. A bug in the assertion runtime caused assert expressions to run in Developer Mode, even if Safe Mode was selected. The bug resulted in the sandbox settings to be ignored for the particular case where a single request is run/sent. This...
OESA-2025-1371 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: fs: relax assertions on failure to encode file handles Encoding file handles is usually performed by a filesystem encodefh method that may fail for various...
SUSE CVE-2025-21985
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bound accesses WHAT & HOW hpostreamtolinkencodermapping has size MAXHPODP2ENCODERS=4, but location can have size up to 6. As a result, it is necessary to check location against MAXHPODP2ENCODERS...
CVE-2025-30354
Bruno is an open source IDE for exploring and testing APIs. A bug in the assertion runtime caused assert expressions to run in Developer Mode, even if Safe Mode was selected. The bug resulted in the sandbox settings to be ignored for the particular case where a single request is run/sent. This...
CVE-2025-30354 Bruno ignores Safe-Mode in Asserts expressions
Bruno is an open source IDE for exploring and testing APIs. A bug in the assertion runtime caused assert expressions to run in Developer Mode, even if Safe Mode was selected. The bug resulted in the sandbox settings to be ignored for the particular case where a single request is run/sent. This...
CVE-2025-30354 Bruno ignores Safe-Mode in Asserts expressions
Bruno is an open source IDE for exploring and testing APIs. A bug in the assertion runtime caused assert expressions to run in Developer Mode, even if Safe Mode was selected. The bug resulted in the sandbox settings to be ignored for the particular case where a single request is run/sent. This...
CVE-2025-30354
Summary: CVE-2025-30354 affects Bruno, an open source API IDE. A bug in the assertion runtime can cause expressions to run in Developer Mode, causing sandbox settings to be ignored when a single request is executed, specifically when importing collections from untrusted or malicious sources. It r...
CVE-2025-30354 Bruno ignores Safe-Mode in Asserts expressions
Bruno is an open source IDE for exploring and testing APIs. A bug in the assertion runtime caused assert expressions to run in Developer Mode, even if Safe Mode was selected. The bug resulted in the sandbox settings to be ignored for the particular case where a single request is run/sent. This...
SUSE CVE-2025-31160
atop through 2.11.0 allows local users to cause a denial of service e.g., assertion failure and application exit or possibly have unspecified other impact by running certain types of unprivileged processes while a different user runs atop...
PT-2025-14117 · Bruno · Bruno
Name of the Vulnerable Software and Affected Versions: Bruno versions prior to 1.39.1 Description: A bug in the assertion runtime of Bruno, an open source IDE for exploring and testing APIs, caused assert expressions to run in Developer Mode even when Safe Mode was selected. This resulted in the...