17 matches found
CVE-2024-34048
O-RAN RIC I-Release e2mgr lacks array size checks in E2nodeConfigUpdateNotificationHandler...
CVE-2024-34045
The O-RAN E2T I-Release Prometheus metric Increment function can crash in sctpThread.cpp for message.peerInfo->counters[IN_INITI][MSG_COUNTER][ProcedureCode_id_E2setup]->Increment...
CVE-2024-34473
An issue was discovered in appmgr in O-RAN Near-RT RIC I-Release. An attacker could register an unintended RMR message type during xApp registration to disrupt other service components...
CVE-2024-34045
The O-RAN E2T I-Release Prometheus metric Increment function can crash in sctpThread.cpp for message.peerInfo->counters[IN_INITI][MSG_COUNTER][ProcedureCode_id_E2setup]->Increment...
CVE-2024-34047
O-RAN RIC I-Release e2mgr lacks array size checks in RicServiceUpdateHandler...
CVE-2024-34043
O-RAN RICAPP kpimon-go I-Release has a segmentation violation via a certain E2AP-PDU message...
CVE-2024-34044
The O-RAN E2T I-Release buildPrometheusList function can have a NULL pointer dereference because peerInfo can be NULL...
CVE-2024-34045
The O-RAN E2T I-Release Prometheus metric Increment function can crash in sctpThread.cpp for message.peerInfo->counters[IN_INITI][MSG_COUNTER][ProcedureCode_id_E2setup]->Increment...
CVE-2024-34047
O-RAN RIC I-Release e2mgr lacks array size checks in RicServiceUpdateHandler...
CVE-2024-34043
O-RAN RICAPP kpimon-go I-Release has a segmentation violation via a certain E2AP-PDU message...
PT-2024-25664 · O Ran · O-Ran Ric I-Release E2Mgr
Name of the Vulnerable Software and Affected Versions: O-RAN RIC I-Release e2mgr affected versions not specified
Description: The issue is related to a lack of array size checks in the RicServiceUpdateHandler of the O-RAN RIC I-Release e2mgr.
Recommendations: At the moment, there is no informatio...
CVE-2024-34047
O-RAN RIC I-Release e2mgr lacks array size checks in RicServiceUpdateHandler...
CVE-2024-34043
CVE-2024-34043 affects O-RAN RICAPP kpimon-go I-Release. The vulnerability is a segmentation violation triggered by a certain E2AP-PDU message in that release. Documented impact notes are low severity with local access and minimal user interaction (CVSS v3.1 base score 5.3). Connected sources (Re...
PT-2024-25665 · O Ran · O-Ran Ric I-Release E2Mgr
Name of the Vulnerable Software and Affected Versions: O-RAN RIC I-Release e2mgr affected versions not specified
Description: The issue is related to a lack of array size checks in the E2nodeConfigUpdateNotificationHandler of the O-RAN RIC I-Release e2mgr. No information is provided about the...
CVE-2024-34043
O-RAN RICAPP kpimon-go I-Release has a segmentation violation via a certain E2AP-PDU message...
PT-2024-25663 · Unknown · O-Ran E2T I-Release
Name of the Vulnerable Software and Affected Versions: O-RAN E2T I-Release affected versions not specified
Description: The issue concerns the O-RAN E2T I-Release Prometheus metric Increment function, which can crash in sctpThread.cpp. This crash occurs when the Increment function is called for...
Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to HTTP request smuggling and a buffer overflow (CVE-2022-22720, CVE-2022-22721)
Summary: IBM HTTP Server powered by Apache for IBM i is vulnerable to HTTP request smuggling and a buffer overflow attack as described in the vulnerability details section. IBM i has addressed the CVEs by providing fixes to the Apache HTTP Server implementation as described in the Remediation/Fixes...