203 matches found
CVE-2026-32937
free5GC is an open source 5G core network. free5GC CHF prior to version 1.2.2 has an out-of-bounds slice access vulnerability in the CHF nchf-convergedcharging service. A valid authenticated request to PUT /nchf-convergedcharging/v3/recharging/:ueId?ratingGroup=... can trigger a server-side panic...
CVE-2026-32937
free5GC is an open source 5G core network. free5GC CHF prior to version 1.2.2 has an out-of-bounds slice access vulnerability in the CHF nchf-convergedcharging service. A valid authenticated request to PUT /nchf-convergedcharging/v3/recharging/:ueId?ratingGroup=... can trigger a server-side panic...
CVE-2026-32937 free5GC CHF has Out-of-Bounds Slice Access that Leads to DoS
free5GC is an open source 5G core network. free5GC CHF prior to version 1.2.2 has an out-of-bounds slice access vulnerability in the CHF nchf-convergedcharging service. A valid authenticated request to PUT /nchf-convergedcharging/v3/recharging/:ueId?ratingGroup=... can trigger a server-side panic...
CVE-2026-32937
This CVE affects free5GC CHF prior to v1.2.2, where an out-of-bounds slice access in nchf-convergedcharging RechargePut(...) can be triggered by an authenticated PUT to /nchf-convergedcharging/v3/recharging/:ueId?ratingGroup=.... The result is a server-side panic converted to HTTP 500 by Gin, ena...
CVE-2026-32937 free5GC CHF has Out-of-Bounds Slice Access that Leads to DoS
free5GC is an open source 5G core network. free5GC CHF prior to version 1.2.2 has an out-of-bounds slice access vulnerability in the CHF nchf-convergedcharging service. A valid authenticated request to PUT /nchf-convergedcharging/v3/recharging/:ueId?ratingGroup=... can trigger a server-side panic...
CVE-2026-32937 free5GC CHF has Out-of-Bounds Slice Access that Leads to DoS
free5GC is an open source 5G core network. free5GC CHF prior to version 1.2.2 has an out-of-bounds slice access vulnerability in the CHF nchf-convergedcharging service. A valid authenticated request to PUT /nchf-convergedcharging/v3/recharging/:ueId?ratingGroup=... can trigger a server-side panic...
CVE-2026-32937
free5GC is an open source 5G core network. free5GC CHF prior to version 1.2.2 has an out-of-bounds slice access vulnerability in the CHF nchf-convergedcharging service. A valid authenticated request to PUT /nchf-convergedcharging/v3/recharging/:ueId?ratingGroup=... can trigger a server-side panic...
free5GC 输入验证错误漏洞
free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 1.2.2 contained a vulnerability related to input validation errors. This vulnerability stemmed from excessive slicing access within the CHF nchf-convergedcharging service, which could lea...
Out-of-Bounds Slice Access in free5GC CHF Leading to DoS
Impact This is an out-of-bounds slice access vulnerability in the CHF nchf-convergedcharging service. A valid authenticated request to PUT /nchf-convergedcharging/v3/recharging/:ueId?ratingGroup=... can trigger a server-side panic in github.com/free5gc/chf/internal/sbi.Server.RechargePut... due t...
GHSA-6G43-577R-WF4X Out-of-Bounds Slice Access in free5GC CHF Leading to DoS
Impact This is an out-of-bounds slice access vulnerability in the CHF nchf-convergedcharging service. A valid authenticated request to PUT /nchf-convergedcharging/v3/recharging/:ueId?ratingGroup=... can trigger a server-side panic in github.com/free5gc/chf/internal/sbi.Server.RechargePut... due t...
PT-2026-26176
free5GC is an open source 5G core network. free5GC CHF prior to version 1.2.2 has an out-of-bounds slice access vulnerability in the CHF nchf-convergedcharging service. A valid authenticated request to PUT /nchf-convergedcharging/v3/recharging/:ueId?ratingGroup=... can trigger a server-side panic...
CVE-2025-27708
Out-of-bounds read in the firmware for some IntelR Converged Security and Management Engine CSME Firmware FW within Ring 0: Kernel may allow an information disclosure. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...
CVE-2025-27708
Out-of-bounds read in the firmware for some IntelR Converged Security and Management Engine CSME Firmware FW within Ring 0: Kernel may allow an information disclosure. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...
CVE-2025-27708
The CVE-2025-27708 entry describes an out-of-bounds read in Intel CSME firmware (Ring 0) that may allow information disclosure. A local attacker with privileged user rights and high attack complexity could expose data without user interaction, with confidentiality impact High and no integrity/ava...
Intel Chipset Firmware February 2026 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® Converged Security and Management Engine Intel® CSME, some Intel® Active Management Technology Intel® AMT, and some Intel® Standard Manageability, which might allow denial of service or information disclosure. Intel is...
Intel Converged Security and Management Engine(CSME) 缓冲区错误漏洞
The Intel Converged Security and Management Engine CSME is a security management engine developed by Intel Corporation in the United States. The Intel Converged Security and Management Engine Firmware contains a buffer overflow vulnerability, which stems from out-of-bounds reads, potentially...
2026.1 IPU, Intel® Chipset Firmware Advisory
Summary: Potential security vulnerabilities in some Intel® Converged Security and Management Engine Intel® CSME, some Intel® Active Management Technology Intel® AMT, and some Intel® Standard Manageability may allow denial of service or information disclosure. Intel is releasing firmware updates t...
PT-2026-7295
Name of the Vulnerable Software and Affected Versions IntelR Converged Security and Management Engine CSME Firmware FW affected versions not specified Description An out-of-bounds read issue exists in the firmware within Ring 0: Kernel, potentially allowing information disclosure. A system softwa...
Security Bulletin: Multiple Vulnerabilities in Hyper Converged Database
Summary Multiple vulnerabilities were addressed in Hyper Converged Database version 1.2.4 coming for base Docker images. Vulnerability Details CVEID:CVE-2019-12904 DESCRIPTION: In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical...
Security Bulletin: Multiple Vulnerabilities in Hyper Converged Database
Summary Multiple vulnerabilities were addressed in Hyper Converged Database version 1.2.4 Vulnerability Details CVEID:CVE-2017-6519 DESCRIPTION: avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows...