RHEL 8 : dovecot (RHSA-2026:13830)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13830 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

SUSE CVE-2026-33907

Ella Core is a 5G core designed for private networks. Versions prior to 1.7.0 panic when processing Authentication Response and Authentication Failure NAS message missing IEs. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all...

CVE-2026-33907

Ella Core (private 5G core) vulnerability CVE-2026-33907: versions prior to 1.7.0 panic when processing Authentication Response and Authentication Failure NAS messages missing IEs, allowing an attacker to crash the process by sending crafted NAS messages without authentication. This leads to serv...

CVE-2026-33907 Ella Core Panics during NAS Authentication Response/Failure with missing IEs

Ella Core is a 5G core designed for private networks. Versions prior to 1.7.0 panic when processing Authentication Response and Authentication Failure NAS message missing IEs. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all...

CVE-2026-33907 Ella Core Panics during NAS Authentication Response/Failure with missing IEs

Ella Core is a 5G core designed for private networks. Versions prior to 1.7.0 panic when processing Authentication Response and Authentication Failure NAS message missing IEs. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all...

CVE-2026-33907 Ella Core Panics during NAS Authentication Response/Failure with missing IEs

Ella Core is a 5G core designed for private networks. Versions prior to 1.7.0 panic when processing Authentication Response and Authentication Failure NAS message missing IEs. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all...

Sni5Gect: a Practical Approach to Inject aNRchy into 5G NR

In this paper, the authors propose and design SNI5GECT – a framework that sniffs messages from pre-authentication 5G communication in real-time and injects targeted attack payload in downlink communication towards the UE...

PT-2023-21583 · Avalanche · Avalanche

Name of the Vulnerable Software and Affected Versions: Avalanche versions 6.3.x and below Description: An authentication bypass issue exists that could allow an attacker to gain access by exploiting the SetUser method or by exploiting a Race Condition in the authentication message. Recommendation...

FortiClient EMS - SAML SSO replay attack

An authentication bypass by capture-replay vulnerability CWE-294 in FortiClient EMS may allow an unauthenticated attacker to impersonate an existing user by intercepting and re-using valid SAML authentication messages...

PT-2020-19598 · Music Player Daemon · Mpd

Name of the Vulnerable Software and Affected Versions: MPD versions prior to 5.9 Description: The issue allows a remote attacker who can send specifically crafted PPP authentication messages to cause the daemon to read beyond an allocated memory buffer, resulting in a denial of service condition...

CVE-2020-11650

An issue was discovered in iXsystems FreeNAS and TrueNAS 11.2 before 11.2-u8 and 11.3 before 11.3-U1. It allows a denial of service. The login authentication component has no limits on the length of an authentication message or the rate at which such messages are sent...

USN-4152-1 libsoup2.4 vulnerability

It was discovered that libsoup incorrectly handled parsing certain NTLM messages. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause a denial of service...

Microsoft Windows Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could access...

Denial of Service Vulnerability in Yuvision Network Cameras

YUVAD IP Camera IPC232S-IR3-HF40-C-DT is a network camera produced by Zhejiang YUVAD Technology Co. A denial-of-service vulnerability exists in the YUVE Network Camera IPC232S-IR3-HF40-C-DT, which can be exploited by an attacker to cause the device to go down by sending variant protocol signaling...

Irssi Reuse After Release Vulnerability

Irssi is a free, open source IRC client for use in Linux and Unix operating systems. A post-release reuse vulnerability exists in Irssi versions prior to 1.0.7 and 1.1.x prior to 1.1.1, which can be exploited by a remote attacker to cause a denial of service or execute arbitrary code via speciall...

DEBIAN-CVE-2018-7053

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when SASL messages are received in an unexpected order...

UBUNTU-CVE-2018-7053

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when SASL messages are received in an unexpected order...

EMC NetWorker RPC Authentication Message Handling Remote Denial of Service Vulnerability

EMC NetWorker is an application that supports disk backup, data replication, continuous data protection and deduplication. A security vulnerability in the EMC NetWorker RPC authentication messages allows remote attackers to exploit the vulnerability to submit a special request to cause the...

Authentication flaw

EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service process outage via malformed RPC authentication messages...

Cisco TelePresence Video Communication Server Expressway Denial of Service Vulnerability

Cisco TelePresence Video Communication Server is a video conferencing solution that integrates h.323 and SIP. A security vulnerability exists in Cisco TelePresence Video Communication Server Expressway that allows authenticated users to send special authentication messages for denial of service...