Lucene search
K

507 matches found

EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42632

A security flaw has been discovered in Open5GS 2.7.7. This affects the function amfcontextfinal of the file src/amf/context.c of the component AMF. Performing a manipulation results in use after free. The attack is only possible with local access. The exploit has been released to the public and m...

4.8CVSS5.6AI score0.00121EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: fixed a URB memory leak. In gscanopen, the URBs for USB-in transfers are allocated, added to the parent-rxsubmitted anchor, and then submitted. In the complete callback...

5.9AI score0.00197EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: Check actuallength before accessing the header. The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback. Use structgroup to describe the header of the struct gshostfram...

5.9AI score0.00156EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.11 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: Check actuallength before accessing the data. The URB received in gsusbreceivebulkcallback contains a struct gshostframe. The length of the data after the header depends on the gshostframe...

5.9AI score0.00156EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/08 7:20 p.m.16 views

Malicious code in nerfstudio-gs (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68238d06ff6ba3548296464666c6d1390341e99d19ee053f7b36170a5e266d71 No suspicious behaviors were observed in this package version. No install-time network activity, no credential or environment scraping, no obfuscated...

6.2AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.11 views

CVE-2026-8250

A vulnerability has been found in Open5GS up to 2.7.7. This affects the function smfn4buildqosflowtomodifylist of the file /src/smf/n4-build.c of the component SMF. Such manipulation leads to denial of service. The attack can be executed remotely. The exploit has been disclosed to the public and...

6.5CVSS5AI score0.00372EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.9 views

CVE-2026-8251

A vulnerability was found in Open5GS up to 2.7.7. This impacts the function updateauthorizedpccruleandqos of the file /src/smf/npcf-handler.c of the component SMF. Performing a manipulation results in denial of service. The attack is possible to be carried out remotely. The exploit has been made...

6.5CVSS5AI score0.00461EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/30 8:45 a.m.11 views

CVE-2026-10113

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is an unknown functionality in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. The manipulation results in denial of service. It is possible to launch the attack remotely. The exploit ha...

5.3CVSS5.3AI score0.00296EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: fixed the error message. Since committing the patch 79a6d1bfe114 “can: gsusb: gsusbreceivebulkcallback: error in usbsubmiturb, a failed resubmit URB will print an information message”, a...

5.5CVSS5.7AI score0.00115EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbopen/close: fixed a memory leak. The gsusb driver appears to have a problem common to many USB CAN adapter drivers. It performs usballoccoherent to allocate a number of USB Request Blocks URBs for reception, and...

5.5CVSS6.3AI score0.00253EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: userial: Fixed the issue where gsstartio crashed due to accessing a null pointer. In some extreme cases, when the uSerial driver is accessed by multiple threads, Thread A executes the open operation and calls gsOpen...

5.5CVSS6.4AI score0.0022EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: fix time stamp counter initialization If the gsusb device driver is unloaded or unbound before the interface is shut down, the USB stack first calls the struct usbdriver::disconnect, and then the struct...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References2
CVE
CVE
added 2026/05/17 9:15 a.m.22 views

CVE-2026-8744

Open5GS up to 2.7.7 is affected by a denial-of-service in the NRF component, specifically in ogs_sbi_subscription_data_add and ogs_sbi_nf_service_add within /lib/sbi/context.c. The flaw enables remote exploitation and a public exploit exists. Remediation requires applying the official patch refer...

6.5CVSS5.4AI score0.00455EPSS
Exploits1References9Affected Software1
NVD
NVD
added 2026/05/17 5:16 a.m.14 views

CVE-2026-8730

A flaw has been found in Open5GS up to 2.7.6. This impacts the function ogssbinfinstancesetid in the library /lib/sbi/context.c of the component NRF. Executing a manipulation of the argument nfInstanceId can lead to denial of service. The attack may be performed from remote. The exploit has been...

6.5CVSS0.0038EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/17 12:0 a.m.11 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.6 and earlier contain security vulnerabilities. These vulnerabilities stem from the ranuefindbyamfuengapid function in the context.c file of the...

6.5CVSS6.6AI score0.00224EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/05/12 8:20 a.m.10 views

CVE-2026-8266

A vulnerability was detected in Open5GS up to 2.7.7. This affects the function gsmbuildpdusessionestablishmentaccept of the file /src/smf/gsm-build.c of the component SMF. The manipulation results in denial of service. The attack can be launched remotely. The exploit is now public and may be used...

6.5CVSS5.5AI score0.00461EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/11 3:0 p.m.7 views

CVE-2026-8292

A security vulnerability has been detected in Open5GS up to 2.7.7. The affected element is the function yuarelparse in the library /lib/sbi/conv.c of the component NRF. Such manipulation of the argument hnrf-uri leads to denial of service. The attack may be performed from remote. The exploit has...

5.3CVSS5.4AI score0.00372EPSS
Exploits1References5
OSV
OSV
added 2026/05/11 1:0 p.m.7 views

CVE-2026-8290 Open5GS SMF nsmf-handler.c smf_nsmf_handle_update_data_in_vsmf denial of service

A security flaw has been discovered in Open5GS up to 2.7.7. This issue affects the function smfnsmfhandleupdatedatainvsmf of the file /src/smf/nsmf-handler.c of the component SMF. The manipulation results in denial of service. The attack can be executed remotely. The exploit has been released to...

5.3CVSS5.5AI score0.00372EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.17 views

PT-2026-39596

A vulnerability was identified in Open5GS up to 2.7.7. This vulnerability affects the function smf nsmf handle update data in vsmf of the file /src/smf/nsmf-handler.c of the component SMF. The manipulation of the argument qosFlowProfile leads to denial of service. Remote exploitation of the attac...

5.3CVSS5.5AI score0.00372EPSS
Exploits1References6
NVD
NVD
added 2026/05/10 11:16 p.m.40 views

CVE-2026-8250

A vulnerability has been found in Open5GS up to 2.7.7. This affects the function smfn4buildqosflowtomodifylist of the file /src/smf/n4-build.c of the component SMF. Such manipulation leads to denial of service. The attack can be executed remotely. The exploit has been disclosed to the public and...

6.5CVSS0.00372EPSS
Exploits1References5
Rows per page
Query Builder