EUVD-2008-1604

Malware in sbrugna...

EUVD-2024-53929

Malicious code in bioql PyPI...

(0Day) Microsoft Azure AP5GC gNB-ID Use of Multiple Resources with Duplicate Identifier Denial-Of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the gNB-ID provided to the AP5GC endpoint. The product...

Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfcworkerwakeup bsc1225820. CVE-2024-27397: netfilter: nftables: use timestamp to check for set...

CVE-2025-25774

An issue was discovered in Open5GS v2.7.2. When a UE switches between two gNBs and sends a handover request at a specific time, it may cause an exception in the AMF's internal state machine, leading to an AMF crash and resulting in a Denial of Service DoS...

CVE-2025-25774

An issue was discovered in Open5GS v2.7.2. When a UE switches between two gNBs and sends a handover request at a specific time, it may cause an exception in the AMF's internal state machine, leading to an AMF crash and resulting in a Denial of Service DoS...

CVE-2024-34036

An issue was discovered in O-RAN Near Realtime RIC I-Release. To exploit this vulnerability, an attacker can disrupt the initial connection between a gNB and the Near RT-RIC by inundating the system with a high volume of subscription requests via an xApp...

CVE-2024-34036

The CVE concerns the O-RAN Near Realtime RIC I-Release. The issue arises when an attacker inundates the system with a high volume of xApp subscription requests to disrupt the initial gNB–Near RT-RIC connection. Documented impact is disruption of the initial connection; no explicit exploit details...

CVE-2024-34036

An issue was discovered in O-RAN Near Realtime RIC I-Release. To exploit this vulnerability, an attacker can disrupt the initial connection between a gNB and the Near RT-RIC by inundating the system with a high volume of subscription requests via an xApp...

CVE-2024-33382

An issue in Open5GS v.2.7.0 allows an attacker to cause a denial of service via the 64 unsuccessful UE/gnb registration...

Open5GS Denial of Service Vulnerability (CNVD-2025-18589)

Open5GS is an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS, which originates from the amfgnbfindbyaddr function in /src/amf/amf-context.c that only detects the Ip address and does not detect if it i...

gnb-locator.ru Improper Access Control vulnerability OBB-2261162

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Cross site scripting

Cross-site scripting XSS vulnerability in GNB DesignForm before 3.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the email form...

CVE-2008-1603

Cross-site scripting XSS vulnerability in GNB DesignForm before 3.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the email form...

CVE-2008-1603

CVE-2008-1603 describes an XSS vulnerability in GNB DesignForm prior to 3.9, where an attacker could cause arbitrary script execution in a user’s browser through the email form. The issue stems from DesignForm, a CGI mail form, with unspecified vectors for the input that leads to script injection...

CVE-2008-1603

Cross-site scripting XSS vulnerability in GNB DesignForm before 3.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the email form...

JVN#58803701 DesignForm cross-site scripting vulnerability

DesignForm is a mail form CGI provided by GNB. It is used to send mail from a form on a web page. A cross-site scripting vulnerabiltiy exists in DesignForm. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to...