1362 matches found
Open5GS security vulnerability
Open5GS is an open source implementation in C of 5G Core and EPC, the core network of the LTE/NR network. Open5GS suffers from a security vulnerability that can be exploited to cause a denial of service by an attacker who sends an "Initial UE Message" that lacks the required...
CVE-2024-34235
Open5GS MME versions = 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an Initial UE Message missing a required NASPDU field to repeatedly crash the MME, resulting in denial of service...
PT-2025-1431 · Magma · Magma
Name of the Vulnerable Software and Affected Versions: Magma versions 1.8.0 and earlier. Description: A null pointer dereference issue in the Mobile Management Entity (MME) allows network-adjacent attackers to crash the MME via an S1AP "Initial UE Message" packet missing an expected RRC Establishmen...
PT-2025-1426 · Magma · Magma
Name of the Vulnerable Software and Affected Versions: Magma versions 1.8.0 and earlier. Description: A null pointer dereference issue in the Mobile Management Entity (MME) allows network-adjacent attackers to crash the MME via an S1AP "Initial UE Message" packet missing an expected TAI field. This...
DEBIAN-CVE-2025-21648
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX. Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof when resizing hashtable because __GFP_NOWARN is...
nanoid: nanoid mishandles non-integer values
A flaw was found in nanoid. Affected versions of nanoid mishandle non-integer values. When nanoid is called with a fractional value, there were a number of undesirable effects: - In browser and non-secure, the code infinite loops on while size-- - In node, the value of poolOffset becomes...
CVE-2024-53704
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. Recent assessments: remmons-r7 at January 28, 2025 3:26pm UTC reported: On January 7, 2025, SonicWall announced an authentication bypass affecting SonicOS, the...
UBUNTU-CVE-2024-56645
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_session_new: fix skb reference counting. Since j1939_session_skb_queue does an extra skb_get for each new skb, do the same for the initial one in j1939_session_new to avoid refcount underflow. mkl: clean up commit messag...
Amazon Linux 2 : edk2 (ALAS-2024-2722)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2722 advisory. A heap overflow in LzmaUefiDecompressGetInfo function in EDK II. CVE-2021-28211 BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting...
Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations
About C.A.S: C.A.S (Cyber Anarchy Squad) is a hacktivist group that has been attacking organizations in Russia and Belarus since 2022. Besides data theft, its goal is to inflict maximum damage, including reputational. To this end, the group's attacks exploit vulnerabilities in publicly available...
The vulnerability of the Adobe Animate software for creating multimedia and computer animations lies in the violation of the buffer boundary, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Animate software for creating multimedia and computer animations is related to a violation of the buffer’s initial limit. Exploiting this vulnerability allows an attacker to execute arbitrary code...
PT-2024-28278 · Open Robotics · Ros2 +1
Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble version. Description: A heap overflow was discovered in the nav2 amcl process. This issue is triggered via sending a crafted message to the component /initialpose. Recommendations:...
CVE-2024-30964
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the initial_pose_sub thread created by nav2_bt_navigator...
Nav2 security vulnerability
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from insecure permissions. A local attacker exploiting this vulnerability could execute arbitrary code via the initial_pose_sub thread created by...
kernel: TCP-spoofed ghost ACKs and leak initial sequence number
A flaw was found in the Linux kernel. Two TCP spoofing primitives exist where an attacker can brute force the server-chosen send window by acknowledging data that was never sent, called "ghost ACKs." There are side channels that also allow the attacker to leak the otherwise secret server-chosen...
Client-Side Enforcement of Server-Side Security
Overview: ethyca-fides is an open-source ecosystem for data privacy as code. Affected versions of this package are vulnerable to Client-Side Enforcement of Server-Side Security due to improper implementation of password policy validations in the /api/v1/user/accept-invite endpoint. An attacker can...
CVE-2016-10394 Improper Authentication in Core
Initial xbl_sec revision does not have all the debug policy features and critical checks...
The vulnerability of the file conversion tools between different formats—PS/IGES Parasolid Translator and the simulation modeling application Simcenter Femap—allows a perpetrator to execute arbitrary code.
The vulnerability of the file conversion tools between different formats, such as PS/IGES Parasolid Translator and the simulation application Simcenter Femap, is related to errors in data type mixing. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially...
requests: subsequent requests to the same host ignore cert verification
An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...
DEBIAN-CVE-2024-53045
In the Linux kernel, the following vulnerability has been resolved: ASoC: dapm: fix bounds checker error in dapm_widget_list_create. The widgets array in the snd_soc_dapm_widget_list has a __counted_by attribute attached to it, which points to the num_widgets variable. This attribute is used in bounds...