Lucene search
K

7041 matches found

ATTACKERKB
ATTACKERKB
added 2025/01/22 1:15 p.m.2 views

CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

7.5CVSS5.7AI score0.00349EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2025/01/22 1:15 p.m.13 views

CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

6.2CVSS0.00349EPSS
Exploits0References12
OSV
OSV
added 2025/01/22 1:15 p.m.11 views

CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

6.2CVSS7.2AI score
Exploits0References10
Cvelist
Cvelist
added 2025/01/22 1:11 p.m.19 views

CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

0.00349EPSS
Exploits0References4
CVE
CVE
added 2025/01/22 1:11 p.m.749 views

CVE-2025-0395

Summary (CVE-2025-0395) : The GNU C Library (glibc) versions 2.13 to 2.40 contain a buffer overflow in the assert() failure path where the failure message and size information are not allocated sufficiently, potentially overflowing the heap if the message size aligns to a page boundary. Connected...

6.2CVSS7.6AI score0.00349EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2025/01/22 10:42 a.m.1 views

redis: Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER commands may lead to denial-of-service

A flaw was found in Redis, an in-memory database that persists on disk. This flaw allows authenticated users to issue an HRANDFIELD or ZRANDMEMBER command with specially crafted arguments to trigger a denial of service by crashing Redis with an assertion failure...

5.5CVSS7.1AI score0.69355EPSS
Exploits0References5
Veracode
Veracode
added 2025/01/22 7:35 a.m.6 views

Signature Bypass

github.com/dexidp/dex is vulnerable to Signature Bypass. The vulnerability is due to issues with XML encoding in the underlying Go library by using the xml-roundtrip-validator from Mattermost, which allows an attacker to bypass the signature verification process in SAML assertions...

9.6CVSS7AI score0.00977EPSS
Exploits0References12Affected Software2
Vulnrichment
Vulnrichment
added 2025/01/22 12:0 a.m.8 views

CVE-2024-24430

A reachable assertion in the mmeuefindbyimsi function of Open5GS = 2.6.4 allows attackers to cause a Denial of Service DoS via a crafted NAS packet...

7.3AI score0.00752EPSS
Exploits1References1
CVE
CVE
added 2025/01/22 12:0 a.m.45 views

CVE-2023-37005

Open5GS MME <= 2.6.4 is affected by an assertion that can be remotely triggered via a malformed ASN.1 packet on the S1AP interface. An attacker can send an Initial Context Setup Failure message missing the required MME_UE_S1AP_ID field, which may repeatedly crash the MME and cause denial of se...

5.3CVSS6.8AI score0.00261EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/22 12:0 a.m.6 views

CVE-2023-37022

Open5GS MME versions = 2.6.4 contain a reachable assertion in the UE Context Release Request packet handler. A packet containing an invalid MMEUES1APID field causes Open5gs to crash; an attacker may repeatedly send such packets to cause denial of service...

6.7AI score0.00752EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/22 12:0 a.m.13 views

CVE-2023-37023

Open5GS MME versions = 2.6.4 contain a reachable assertion in the Uplink NAS Transport packet handler. A packet missing its MMEUES1APID field causes Open5gs to crash; an attacker may repeatedly send such packets to cause denial of service...

0.00752EPSS
Exploits1References1
CVE
CVE
added 2025/01/22 12:0 a.m.47 views

CVE-2023-37023

Open5GS MME versions

8.6CVSS6.4AI score0.00752EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/22 12:0 a.m.11 views

CVE-2023-37023

Open5GS MME versions = 2.6.4 contain a reachable assertion in the Uplink NAS Transport packet handler. A packet missing its MMEUES1APID field causes Open5gs to crash; an attacker may repeatedly send such packets to cause denial of service...

6.7AI score0.00752EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/22 12:0 a.m.10 views

CVE-2023-37009

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a Handover Notification message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

0.00474EPSS
Exploits1References1
NVD
NVD
added 2025/01/21 11:15 p.m.13 views

CVE-2024-24427

A reachable assertion in the amfuesetsuci function of Open5GS = 2.6.4 allows attackers to cause a Denial of Service DoS via a crafted NAS packet...

7.5CVSS0.00386EPSS
Exploits0References1
OSV
OSV
added 2025/01/21 11:15 p.m.7 views

CVE-2024-24427

A reachable assertion in the amfuesetsuci function of Open5GS = 2.6.4 allows attackers to cause a Denial of Service DoS via a crafted NAS packet...

7.5CVSS6.6AI score
Exploits0References1
CVE
CVE
added 2025/01/21 12:0 a.m.43 views

CVE-2023-37029

Magma CVE-2023-37029 affects Magma MME in versions

7.5CVSS7AI score0.00596EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/01/21 12:0 a.m.8 views

CVE-2024-24420

A reachable assertion in the decodelinkedtiie function of Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows attackers to cause a Denial of Service DoS via a crafted NAS packet...

0.00584EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/01/20 6:23 a.m.12 views

CVE-2024-57923

In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix availin bytes for s390 zlib HW compression path Since the input data length passed to zlibcompressfolios can be arbitrary, always setting strm.availin to a multiple of PAGESIZE may cause read-in bytes to exceed t...

7.1CVSS6.5AI score0.00209EPSS
Exploits0References4
NVD
NVD
added 2025/01/19 12:15 p.m.10 views

CVE-2024-57924

In the Linux kernel, the following vulnerability has been resolved: fs: relax assertions on failure to encode file handles Encoding file handles is usually performed by a filesystem encodefh method that may fail for various reasons. The legacy users of exportfsencodefh, namely, nfsd and...

5.5CVSS0.00202EPSS
Exploits0References7
Rows per page
Query Builder