Lucene search
K

18 matches found

OSV
OSV
added 2026/06/30 1:30 p.m.4 views

MINI-7PRW-57M6-WF4X

Bulletin has no description...

5.7AI score
Exploits0
EUVD
EUVD
added 2026/05/27 3:44 p.m.10 views

EUVD-2026-32574

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/ueId/servingPlmnId/ee-subscriptions/subsId/amf-subscriptions handler panics on a single authenticated request against a fresh UDR instance when the supplied ueId does n...

6.5CVSS6AI score0.0042EPSS
Exploits1References4
CVE
CVE
added 2026/05/01 2:14 p.m.16 views

CVE-2026-31744

Summary: CVE-2026-31744 concerns the Linux kernel energy model code path that processes perf domain IDs. The function dev_energymodel_nl_get_perf_domains_doit() calls em_perf_domain_get_by_id() and uses its return value without verifying it; if a caller supplies a non-existent perf domain ID, em_...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/03/25 12:26 a.m.6 views

SUSE CVE-2026-27840

ZITADEL is an open source identity management platform. Starting in version 2.31.0 and prior to versions 3.4.7 and 4.11.0, opaque OIDC access tokens in the v2 format truncated to 80 characters are still considered valid. Zitadel uses a symmetric AES encryption for opaque tokens. The cleartext...

4.3CVSS5.9AI score0.00142EPSS
Exploits0References3
OSV
OSV
added 2026/03/22 7:0 p.m.3 views

MINI-5F9H-5Q73-M67R

Bulletin has no description...

6.3CVSS5.7AI score0.00385EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/27 4:13 a.m.8 views

CVE-2026-27840

ZITADEL is an open source identity management platform. Starting in version 2.31.0 and prior to versions 3.4.7 and 4.11.0, opaque OIDC access tokens in the v2 format truncated to 80 characters are still considered valid. Zitadel uses a symmetric AES encryption for opaque tokens. The cleartext...

4.3CVSS5.5AI score0.00142EPSS
Exploits0References1
NVD
NVD
added 2025/12/18 7:16 p.m.6 views

CVE-2025-65563

A denial-of-service vulnerability exists in the omec-project UPF component upf-epc/pfcpiface up to at least version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory NodeID Information Element, the association setup handler...

7.5CVSS0.00369EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2025/07/24 12:0 a.m.3 views

Assessment of Quantitative Cyber-Physical Reliability of SCADA Systems in Autonomous Vehicle to Grid (V2G) Capable Smart Grids

The integration of electric vehicles EVs into power grids via Vehicle-to-Grid V2G system technology is increasing day by day, but these phenomena present both advantages and disadvantages. V2G can increase grid reliability by providing distributed energy storage and ancillary services. However, o...

7AI score
Exploits0
OSV
OSV
added 2025/03/06 4:15 p.m.2 views

UBUNTU-CVE-2024-58060

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject structops registration that uses module ptr and the module btfid is missing There is a UAF report in the bpfstructops when CONFIGMODULES=n. In particular, the report is on tcpcongestionops that has a "struct module...

7.8CVSS6.5AI score0.00193EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.5 views

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "ENB Status Transmission" message...

6.3CVSS6.6AI score0.00474EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.2 views

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation of 5G Core and Epc in C, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends a "handover canceled" message that lacks the...

5.3CVSS6.6AI score0.00261EPSS
Exploits1References2
CVE
CVE
added 2024/11/04 1:48 a.m.42 views

CVE-2024-20109

CVE-2024-20109 affects the component identified as ccu (referenced across Red Hat/NVD entries and related advisories). The root cause is a missing bounds check that allows an out-of-bounds write, resulting in local escalation of privileges with System-level execution privileges required. No user ...

6.7CVSS7.2AI score0.00079EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.6 views

PT-2024-18263 · Unknown · Lunary-Ai/Lunary

Name of the Vulnerable Software and Affected Versions: lunary-ai/lunary affected versions not specified Description: An incorrect authorization issue exists in the lunary-ai/lunary repository, specifically within the evaluations.get route in the evaluations API endpoint "/api/evaluations". This...

7.5CVSS7.9AI score0.0055EPSS
Exploits1References8
OSV
OSV
added 2024/04/03 5:15 p.m.2 views

UBUNTU-CVE-2024-26751

In the Linux kernel, the following vulnerability has been resolved: ARM: ep93xx: Add terminator to gpiodlookuptable Without the terminator, if a conid is passed to gpiofind that does not exist in the lookup table the function will not stop looping correctly, and eventually cause an oops...

5.5CVSS6.1AI score0.00245EPSS
Exploits0References23
SUSE CVE
SUSE CVE
added 2023/02/15 6:16 a.m.5 views

SUSE CVE-2005-3810

ipconntrackprotoicmp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service kernel oops via a message without ICMP ID ICMPID information, which leads to a null dereference...

7.8CVSS6.6AI score0.01444EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/09/12 10:15 p.m.3 views

CVE-2022-35572

On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, and potentially other vendors/devices due to code reuse, the /SysInfo.htm URI does not require a session ID. This web page calls a showsysinfo function which retrieves WPA passwords, SSIDs, MAC Addresses, serial numbers, WPS...

7.5CVSS7.3AI score0.00746EPSS
Exploits1References2
OSV
OSV
added 2020/11/17 9:15 p.m.6 views

CVE-2020-26552

An issue was discovered in Aviatrix Controller before R6.0.2483. Multiple executable files, that implement API endpoints, do not require a valid session ID for access...

7.5CVSS7.1AI score0.01163EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2013/03/14 4:40 p.m.7 views

Tomcat/JBoss Web - Bypass of CSRF prevention filter

org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery CSRF protection mechanism via a request that lacks a session identifier...

4.3CVSS7.3AI score0.09146EPSS
Exploits1References6
Rows per page
Query Builder