CVE-2025-41067

CVE-2025-41067 affects Open5GS NRF (Network Repository Function) up to version 2.7.6. A reachable assertion can be triggered by an SBI request that deletes the NRF’s own registry, crashing the NRF process and rendering the discovery service unavailable (DoS). A PoC exploit for this vulnerability ...

Open5GS 安全漏洞

Open5GS is an Open5GS open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.7.5 and earlier, which stems from a reachable assertion issue that could lead to a denial-of-service attack...

NewStart CGSL MAIN 7.02 : qemu Multiple Vulnerabilities (NS-SA-2025-0248)

The remote NewStart CGSL host, running version MAIN 7.02, has qemu packages installed that are affected by multiple vulnerabilities: - A flaw was found in QEMU. An assertion failure was present in the updatesctpchecksum function in hw/net/nettxpkt.c when trying to calculate the checksum of a...

Security Bulletin: multiple vulerability in IBM Spectrum Symphony with ISC BIND

Summary multiple vulerability in IBM Spectrum Symphony with ISC BIND Vulnerability Details CVEID:CVE-2023-4408 DESCRIPTION: The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queri...

EUVD-2022-55656

In the Linux kernel, the following vulnerability has been resolved: ASoC: audio-graph-card: fix refcount leak of cpuep in graphforeachlink The ofgetnextchild returns a node with refcount incremented, and decrements the refcount of prev. So in the error path of the while loop, ofnodeput needs be...

CLSA-2025-1761074965 jasper: Fix of CVE-2025-8836

CVE-2025-8836: fix manipulation in function jpcfloorlog2 to prevent reachable assertion...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987615)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987615 advisory. In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch...

CVE-2025-61911

python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...

JLSEC-2025-117 FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion fai...

FFmpeg version git commit de8e6e67e7523e48bb27ac224a0b446df05e1640 suffers from a an assertion failure at src/libavutil/mathematics.c...

CVE-2025-58075 Arbitrary Mattermost Team can be joined by manipulating the SAML RelayState

Mattermost versions 10.11.x = 10.11.1, 10.10.x = 10.10.2, 10.5.x = 10.5.10 fail to verify a user has permission to join a Mattermost team using the original invite token which allows any attacked to join any team on a Mattermost server regardless of restrictions via manipulating the RelayState...

EUVD-2022-55082

In the Linux kernel, the following vulnerability has been resolved: net: preserve skbendoffset in skbunclonekeeptruesize syzbot found another way to trigger the infamous WARNONONCEdelta truesize value, we also need to make sure TCP wont fill new tailroom that pskbexpandhead was able to get from a...

EUVD-2025-34655

When the BIG-IP system is configured as both a Security Assertion Markup Language SAML service provider SP and Identity Provider IdP, with single logout SLO enabled on an access policy, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have...

CVE-2025-47148 BIG-IP APM and SSL Orchestrator vulnerability

When the BIG-IP system is configured as both a Security Assertion Markup Language SAML service provider SP and Identity Provider IdP, with single logout SLO enabled on an access policy, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have...

CVE-2025-47148

CVE-2025-47148 affects BIG-IP with APM/SSL Orchestrator when configured as both SAML SP and IdP with SLO enabled; undisclosed requests can cause memory resource exhaustion, leading to DoS on the BIG-IP data plane. F5’s October 2025 security bundle K000156572 provides fixes across multiple branche...

CVE-2025-42902

Due to the memory corruption vulnerability in SAP NetWeaver AS ABAP and ABAP Platform, an unauthenticated attacker can send a corrupted SAP Logon Ticket or SAP Assertion Ticket to the SAP application server. This leads to a dereference of NULL which makes the work process crash. As a result, it h...

CVE-2025-25252

An Insufficient Session Expiration vulnerability CWE-613 in FortiOS SSL VPN 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4 all versions may allow a remote attacker e.g. a former admin whose account was removed and whose session was terminated in possessi...

CVE-2025-25252

This CVE (CVE-2025-25252) concerns an Insufficient Session Expiration (CWE-613) in FortiOS SSL VPN across multiple major releases, allowing a remote attacker with a valid SAML session record (e.g., a former admin) to access or reopen that session via re-use of the SAML record. A public POC exists...

CVE-2025-25252

An Insufficient Session Expiration vulnerability CWE-613 in FortiOS SSL VPN 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4 all versions may allow a remote attacker e.g. a former admin whose account was removed and whose session was terminated in possessi...

CVE-2025-42902

Due to the memory corruption vulnerability in SAP NetWeaver AS ABAP and ABAP Platform, an unauthenticated attacker can send a corrupted SAP Logon Ticket or SAP Assertion Ticket to the SAP application server. This leads to a dereference of NULL which makes the work process crash. As a result, it h...

CVE-2025-42902 Memory Corruption vulnerability in SAP Netweaver AS ABAP and ABAP Platform

Due to the memory corruption vulnerability in SAP NetWeaver AS ABAP and ABAP Platform, an unauthenticated attacker can send a corrupted SAP Logon Ticket or SAP Assertion Ticket to the SAP application server. This leads to a dereference of NULL which makes the work process crash. As a result, it h...