6911 matches found
EUVD-2026-6136
A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smfgnhandlecreatepdpcontextrequest of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit is now...
CVE-2026-2523
A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smfgnhandlecreatepdpcontextrequest of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit is now...
CVE-2026-2523
Open5GS SMF up to version 2.7.6 is affected. The vulnerability resides in smf_gn_handle_create_pdp_context_request (file src/smf/gn-handler.c) and is caused by input manipulation leading to a reachable assertion. It can be exploited remotely, and public proof-of-concept/exploit activity is noted....
CVE-2026-2523
A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smfgnhandlecreatepdpcontextrequest of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit is now...
CVE-2026-2523 Open5GS SMF gn-handler.c smf_gn_handle_create_pdp_context_request assertion
A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smfgnhandlecreatepdpcontextrequest of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit is now...
Siemens SIMATIC S7-1500 Reachable Assertion (CVE-2025-38701)
In the Linux kernel, the following vulnerability has been resolved: ext4: do not BUG when INLINEDATAFL lacks system.data xattr A syzbot fuzzed image triggered a BUGON in ext4updateinlinedata when an inode had the INLINEDATAFL flag set but was missing the system.data extended attribute. Since this...
Siemens SIMATIC S7-1500 Reachable Assertion (CVE-2024-57924)
In the Linux kernel, the following vulnerability has been resolved: fs: relax assertions on failure to encode file handles Encoding file handles is usually performed by a filesystem encodefh method that may fail for various reasons. The legacy users of exportfsencodefh, namely, nfsd and...
ROS-20260216-73-0046
A vulnerability in the avahialternativehostname function of the Avahi LAN service discovery system is related to a flaw in the use of the assert function. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
PT-2026-8294
Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.7 Description An issue exists in Open5GS up to version 2.7.6 related to the smf gn handle create pdp context request function within the SMF component, specifically in the file /src/smf/gn-handler.c. The...
CVE-2026-25922
authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, or does not have the Encryption Certificate setting under...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the cpswnew driver not executing the ndosetrxmode callback in the work queue, potentially leading...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to execute the ndosetrxmode callback in the work queue, potentially leading to...
OESA-2026-1350 tinyxml2 security update
TinyXML-2 is a simple, small, efficient, C++ XML parser that can be easily integrated into other programs. TinyXML-2 parses an XML document, and builds from that a Document Object Model DOM that can be read, modified, and saved. Security Fixes: TinyXML2 through 10.0.0 has a reachable assertion fo...
OESA-2026-1349 tinyxml2 security update
TinyXML-2 is a simple, small, efficient, C++ XML parser that can be easily integrated into other programs. TinyXML-2 parses an XML document, and builds from that a Document Object Model DOM that can be read, modified, and saved. Security Fixes: TinyXML2 through 10.0.0 has a reachable assertion fo...
FreeBSD : MongoDB Server -- CWE-617 Reachable Assertion (7b5671f9-0800-11f1-8a6f-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7b5671f9-0800-11f1-8a6f-b42e991fc52e advisory. https://jira.mongodb.org/browse/SERVER-99119 reports: An authorized user may trigger a server crash by...
CVE-2026-25922
authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, or does not have the Encryption Certificate setting under...
CVE-2026-25922 authentik has a Signature Verification Bypass via SAML Assertion Wrapping
authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, or does not have the Encryption Certificate setting under...
CVE-2026-25922
The vulnerability CVE-2026-25922 affects authentik (open-source identity provider) prior to versions 2025.8.6, 2025.10.4, and 2025.12.4. When a SAML Source has Verify Assertion Signature enabled and not Verify Response Signature, or when Encryption Certificate is not configured under Advanced Pro...
CVE-2026-25922
authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, or does not have the Encryption Certificate setting under...
CVE-2026-25922 authentik has a Signature Verification Bypass via SAML Assertion Wrapping
authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, or does not have the Encryption Certificate setting under...