CVE-2026-7536

A vulnerability was determined in Open5GS up to 2.7.7. This vulnerability affects the function bsfsessaddbyipaddress of the file /nbsf-management/v1/pcfBindings of the component BSF. Executing a manipulation of the argument ipv4Addr can lead to denial of service. The attack can be launched...

CC-Tweaked has an SSRF Protection Bypass with NAT64

CC-Tweaked's HTTP API http.request, http.websocket blocks requests to private network ranges to prevent server-side request forgery SSRF. This protection can be bypassed on IPv6-capable servers using NAT64 well-known prefix addresses 64:ff9b::/96. An attacker who can execute Lua code can reach an...

ROS-20260505-73-0079

A vulnerability in the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address and ipaddress.IPv6Network classes of the ipaddress module of the Python programming language interpreter CPython is related to incorrect IP address range validation. Exploitation of the vulnerability could...

CVE-2026-31394

A flaw was found in the Linux kernel's mac80211 component. This vulnerability occurs when processing stations on APVLAN interfaces, such as 4-address Wireless Distribution System WDS clients. An attacker could trigger a null pointer dereference during Channel Switch Announcement CSA operations,...

CVE-2025-55092 Potential out of bound read in _nx_ipv4_option_process()

In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in nxipv4optionprocess when processing an IPv4 packet with the timestamp option...

An issue was discovered in Mbed TLS before 2.24.0. The verification of X.509 certificates when matching the expected common name (the cn argument of mbedtls_x509_crt_verify) with the actual certificate name is mishandled: when the subjecAltName extension is present, the expected name is compared to any name in that extension regardless of its type. This means that an attacker could impersonate a 4-byte or 16-byte domain by getting a certificate for the corresponding IPv4 or IPv6 address (this would require the attacker to control that IP address, though).

...

ALPINE-CVE-2024-4032

The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the isprivate and isglobal properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and...

SUSE CVE-2023-38711

An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with IDIPV4ADDR or IDIPV6ADDR receives an IDcr payload with IDFQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6...

The vulnerability of the FortiTester software-based diagnostic and audit tools for computer networks, as well as the FortiAnalyzer tool for event monitoring and analysis, stems from the lack of protective measures taken for website structures. This allows attackers to carry out cross-site scripting attacks.

The vulnerability of the FortiTester software for diagnosing and auditing computer networks, as well as the FortiAnalyzer software for monitoring and analyzing security events, is related to the lack of protective measures taken for the website structure. Exploiting this vulnerability could allow...

UBUNTU-CVE-2016-10739

In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the...