10 matches found
CVE-2026-40343
free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...
Apache Kafka Clients: Apache Kafka Clients: Information disclosure and data corruption due to race condition in producer buffer management
A flaw was found in the Apache Kafka Java producer client. A race condition in the client's buffer pool management can cause messages to be silently delivered to incorrect topics. This occurs when a message batch expires while its network request is still active, leading to premature buffer...
Apache Kafka Clients: Apache Kafka Clients: Information disclosure and data corruption due to race condition in producer buffer management
A flaw was found in the Apache Kafka Java producer client. A race condition in the client's buffer pool management can cause messages to be silently delivered to incorrect topics. This occurs when a message batch expires while its network request is still active, leading to premature buffer...
CVE-2026-40343 free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation
free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...
CVE-2026-40343
CVE-2026-40343 concerns free5GC UDR (user data repository) in versions up to and including 1.4.2. The issue is a fail‑open handling flaw in the POST handler for /nudr-dr/v2/policy-data/subs-to-notify: after errors reading the request body or deserializing input, the handler does not terminate and...
CVE-2026-40249
free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/policy-data/subs-to-notify/subsId does not return after request body retrieval or deserialization...
CVE-2026-40249
free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/policy-data/subs-to-notify/subsId does not return after request body retrieval or deserialization...
EUVD-2019-7423
Malware in sbrugna...
The vulnerability of the Scala programming language interpreter, related to errors during data deserialization, allows attackers to execute arbitrary code.
The vulnerability of the Scala programming language interpreter is related to errors during data deserialization. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the _bsotype function in the BSON parsing software package allows a hacker to execute arbitrary code.
The vulnerability of the bsotype function in the BSON parsing software package is related to errors during data deserialization. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...