Lucene search
+L

639 matches found

Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.13 views

Systematic Cybersecurity Risk Analysis of European Rail Traffic Management System

European Rail Traffic Management System ERTMS is a widely adopted standard unifying train management in the EU. While the standard allows for use cases like fully autonomous driving, cybersecurity has been an afterthought. Risk analysis enables the systematic assessment and prioritization of...

5.4AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Do not block the input queue by waiting for the MSC response. Currently, the gsmqueue function processes incoming frames. When opening a DLC channel, it calls gsmdlciopen, which in turn calls gsmmodemupdate. If the bas...

6.6AI score0.00183EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: added a sanity check for gsm-receive in gsmreceivebuf A null pointer dereference can occur when attempting to access the “gsm-receive” function in gsmldreceivebuf. Currently, the code assumes that gsm-recieve is only...

5.5CVSS6.4AI score0.0019EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: requires CAPNETADMIN to attach NGSM0710 ldisc. Any unprivileged user can attach to NGSM0710 ldisc, but it still requires CAPNETADMIN to create a GSM network. Additionally, it requires the initial namespace setting of...

5.5CVSS6.1AI score0.00236EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘tty: ngsm: fix UAF in gsmcleanupmux’” This reversion involves commit 9b9c8195f3f0d74a826077fc1c01b9ee74907239. The above commit was reverted because it did not solve the original issue. The function gsmcleanupmux attempt...

5.5CVSS5.4AI score0.00237EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A race condition was detected in the GSM 0710 tty multiplexor within the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled. It can lead to a use-after-free issue with the struct gsmdlci during the...

7CVSS6.7AI score0.00767EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/12 8:20 a.m.10 views

CVE-2026-8266

A vulnerability was detected in Open5GS up to 2.7.7. This affects the function gsmbuildpdusessionestablishmentaccept of the file /src/smf/gsm-build.c of the component SMF. The manipulation results in denial of service. The attack can be launched remotely. The exploit is now public and may be used...

6.5CVSS5.5AI score0.00461EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/11 3:32 p.m.40 views

EUVD-2026-29050

A vulnerability was determined in Open5GS up to 2.7.7. This affects the function gsmhandlepdusessionmodificationqosflowdescriptions of the file src/smf/gsm-handler.c of the component SMF. Executing a manipulation of the argument n1SmMsg can lead to denial of service. The attack may be launched...

5.3CVSS5.5AI score0.00378EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/05/11 12:15 p.m.9 views

CVE-2026-8288

A vulnerability was determined in Open5GS up to 2.7.7. This affects the function gsmhandlepdusessionmodificationqosflowdescriptions of the file src/smf/gsm-handler.c of the component SMF. Executing a manipulation of the argument n1SmMsg can lead to denial of service. The attack may be launched...

5.3CVSS5.5AI score0.00378EPSS
Exploits1References6
CVE
CVE
added 2026/05/11 12:15 p.m.26 views

CVE-2026-8288

Open5GS SMF vulnerability CVE-2026-8288 affects the gsm_handle_pdu_session_modification_qos_flow_descriptions function in gsm-handler.c. Input manipulation of n1SmMsg can trigger a denial of service, with remote exploitation and a publicly disclosed exploit. A fix is proposed in a pull request aw...

6.5CVSS5.5AI score0.00378EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2026/05/11 12:15 p.m.62 views

CVE-2026-8288 Open5GS SMF gsm-handler.c denial of service

A vulnerability was determined in Open5GS up to 2.7.7. This affects the function gsmhandlepdusessionmodificationqosflowdescriptions of the file src/smf/gsm-handler.c of the component SMF. Executing a manipulation of the argument n1SmMsg can lead to denial of service. The attack may be launched...

5.3CVSS0.00378EPSS
Exploits1References6
EUVD
EUVD
added 2026/05/11 6:31 a.m.13 views

EUVD-2026-29023

A vulnerability was detected in Open5GS up to 2.7.7. This affects the function gsmbuildpdusessionestablishmentaccept of the file /src/smf/gsm-build.c of the component SMF. The manipulation results in denial of service. The attack can be launched remotely. The exploit is now public and may be used...

5.3CVSS5.5AI score0.00461EPSS
Exploits1References6
OSV
OSV
added 2026/05/11 2:45 a.m.3 views

CVE-2026-8266 Open5GS SMF gsm-build.c gsm_build_pdu_session_establishment_accept denial of service

A vulnerability was detected in Open5GS up to 2.7.7. This affects the function gsmbuildpdusessionestablishmentaccept of the file /src/smf/gsm-build.c of the component SMF. The manipulation results in denial of service. The attack can be launched remotely. The exploit is now public and may be used...

5.3CVSS5.5AI score0.00461EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2026/05/01 2:11 a.m.10 views

SUSE CVE-2026-6870

GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.3AI score0.0016EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.4 views

Wireshark 4.4.x < 4.4.15 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 4.4.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.4.15 advisory. - RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of servic...

7.8CVSS7AI score0.00306EPSS
Exploits39References142
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.7 views

Wireshark 4.4.x < 4.4.15 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 4.4.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.4.15 advisory. - RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial ...

7.8CVSS7AI score0.00306EPSS
Exploits39References142
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.18 views

Wireshark 2.2.x < 2.2.15 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 2.2.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.15 advisory. - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in...

7.5CVSS7.4AI score0.03509EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.3 views

Wireshark 2.4.x < 2.4.7 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.4.7. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.7 advisory. - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was...

7.5CVSS7.5AI score0.03509EPSS
Exploits0References19
NVD
NVD
added 2026/04/30 7:16 a.m.6 views

CVE-2026-6870

GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS0.0016EPSS
Exploits1References2
OSV
OSV
added 2026/04/30 5:33 a.m.2 views

CVE-2026-6870 Access of Uninitialized Pointer in Wireshark

GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.9AI score0.0016EPSS
Exploits1References4
Rows per page
Query Builder