Lucene search
K

6 matches found

Snyk
Snyk
added 2026/05/08 10:56 p.m.6 views

Access of Resource Using Incompatible Type ('Type Confusion')

Overview Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type 'Type Confusion' in the POST /oauth2/token parser process. An attacker can cause repeated panics and degrade service availability by sending specially crafted form-encoded requests with...

8.7CVSS5.8AI score0.00394EPSS
Exploits1References3
Snyk
Snyk
added 2026/03/23 6:14 p.m.3 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure in the supi path parameter handling process. An attacker can cause the service to return a 500 Internal Server Error by sending a PATCH request to the sdm-subscriptions endpoint with an empty supi path parameter...

8.7CVSS5.9AI score0.00321EPSS
Exploits1References3
Snyk
Snyk
added 2026/03/23 6:14 p.m.2 views

Improper Neutralization of Null Byte or NUL Character

Overview Affected versions of this package are vulnerable to Improper Neutralization of Null Byte or NUL Character via the URL path parameter handling process. An attacker can cause the application to return a 500 Internal Server Error by injecting a null byte into the URL path parameter...

8.7CVSS5.9AI score0.00354EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/23 6:14 p.m.3 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure due to improper handling of the supi path parameter in the DELETE sdm-subscriptions request. An attacker can cause the service to return an unexpected error response by sending a request with an empty supi parameter...

6.9CVSS5.9AI score0.00282EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/02/07 7:22 a.m.6 views

CVE-2026-1974

A vulnerability was identified in Free5GC up to 4.1.0. This affects the function ResolveNodeIdToIp of the file internal/sbi/processor/datapath.go of the component SMF. The manipulation leads to denial of service. Remote exploitation of the attack is possible. The exploit is publicly available and...

7.5CVSS5.1AI score0.00499EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.8 views

PT-2026-5598

A vulnerability has been found in Free5GC pcf up to 1.4.1. This affects the function HandleCreateSmPolicyRequest of the file internal/sbi/processor/smpolicy.go. The manipulation leads to null pointer dereference. The attack is possible to be carried out remotely. The exploit has been disclosed to...

6.9CVSS5.4AI score0.00697EPSS
Exploits1References9
Rows per page
Query Builder