Lucene search
K

20 matches found

Cvelist
Cvelist
added 2026/03/20 12:18 a.m.21 views

CVE-2026-32769 Fullchain's Invalid NetworkPolicy enables a malicious actor to pivot into another namespace

Fullchain is an umbrella project for deploying a ready-to-use CTF platform. In versions prior to 0.1.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a subverted application to any Pod out of the origin namespace. The flawed inter-ns NetworkPolicy breaks the...

7.1CVSS0.00501EPSS
Exploits1References3
CVE
CVE
added 2026/03/20 12:18 a.m.10 views

CVE-2026-32769

Fullchain (github.com/ctfer-io/fullchain) is affected prior to version 0.1.1 due to a mis-written inter-namespace NetworkPolicy that allows a subverted application to pivot to pods outside the origin namespace, enabling lateral movement. The issue has been fixed in version 0.1.1. Workaround: dele...

9.8CVSS5.8AI score0.00501EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/03/16 8:45 p.m.3 views

GHSA-FGM3-Q9R5-43V9 Romeo's invalid NetworkPolicy enables a malicious actor to pivot into another namespace

Impact Due to a mis-written NetworkPolicy, a malicious actor can pivot from the "hardened" namespace to any Pod out of it. This breaks the security-by-default property expected as part of the deployment program, leading to a potential lateral movement. Patch Removing the inter-ns NetworkPolicy...

7.9CVSS5.8AI score0.00386EPSS
Exploits0References4
OSV
OSV
added 2026/03/09 9:15 a.m.5 views

CVE-2025-41759

An administrator may attempt to block all networks by specifying "" or "all" as the network identifier. However, these values are not supported and do not trigger any validation error. Instead, they are silently interpreted as network 0 which results in no networks being blocked at all...

4.9CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2026/01/16 12:16 a.m.7 views

CVE-2021-47791

SmartFTP Client 10.0.2909.0 contains multiple denial of service vulnerabilities that allow attackers to crash the application through specific input manipulation. Attackers can trigger crashes by entering malformed paths, using invalid IP addresses, or clearing connection history in the client's...

7.5CVSS0.00467EPSS
Exploits1References4
NVD
NVD
added 2025/10/27 1:15 p.m.7 views

CVE-2025-41068

Reachable Assertion vulnerability in Open5GS up to version 2.7.6 allows attackers with connectivity to the NRF to cause a denial of service. This is achieved by sending the creation of an NF with an invalid type via SBI and then requesting its data. The NRF executes a check that crashes the...

8.7CVSS0.00323EPSS
Exploits1References2
OSV
OSV
added 2025/10/27 1:15 p.m.2 views

CVE-2025-41068

Reachable Assertion vulnerability in Open5GS up to version 2.7.6 allows attackers with connectivity to the NRF to cause a denial of service. This is achieved by sending the creation of an NF with an invalid type via SBI and then requesting its data. The NRF executes a check that crashes the...

7.5CVSS6.7AI score
Exploits0References2
EUVD
EUVD
added 2025/10/27 12:47 p.m.5 views

EUVD-2025-36179

Reachable Assertion vulnerability in Open5GS up to version 2.7.5 allows attackers with connectivity to the NRF to cause a denial of service. This is achieved by sending the creation of an NF with an invalid type via SBI and then requesting its data. The NRF executes a check that crashes the...

8.7CVSS6.2AI score0.00323EPSS
Exploits1References3
CVE
CVE
added 2025/10/27 12:47 p.m.15 views

CVE-2025-41068

CVE-2025-41068 : Reachable Assertion in Open5GS NRF. Affected: Open5GS up to version 2.7.6 (and variants cited as up to 2.7.5 in some sources). Condition: attacker with network access to the NRF can trigger by sending an NF creation request with an invalid type via the SBI, then request its data....

8.7CVSS6.3AI score0.00323EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-36294

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00383EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/31 12:0 a.m.4 views

Intelbras RX1500和Intelbras RX3000 安全漏洞

The Intelbras RX1500 and Intelbras RX3000 are both routers from Intelbras Brazil. A security vulnerability exists in Intelbras RX1500 version v2.2.9 and Intelbras RX3000 version v1.0.11, which stems from the failure to validate the ESSID name when creating a network, which could lead to the...

9.8CVSS6.9AI score0.01227EPSS
Exploits2References5
CNNVD
CNNVD
added 2025/07/03 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of an invalid network device by the t7xx wwan driver in napi polling, which could lead to null point...

5.5CVSS6.9AI score0.00155EPSS
Exploits0References5
CVE
CVE
added 2023/06/06 7:38 a.m.72 views

CVE-2022-33251

CVE-2022-33251 describes a Transient Denial of Service caused by a reachable assertion in the modem triggered by invalid network configuration. The vulnerability is associated with Qualcomm chipset modems and is rated as High (CVSS v3.1: 7.5, Network attack vector, Low attack complexity, No privi...

7.5CVSS7.5AI score0.00383EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/06 12:0 a.m.4 views

PT-2023-13262 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to a Transient DOS due to a reachable assertion in the Modem, caused by an invalid network configuration. Recommendations: At the moment, there is no information about a...

7.5CVSS6.8AI score0.00383EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/06/06 12:0 a.m.6 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from an invalid network configuration resulting in a denial of service due to a reachable assertion in the modem...

7.5CVSS7.3AI score0.00383EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/26 12:0 a.m.3 views

Common 安全漏洞

NIMBLE Platform Common is a common module package that can be accessed by NIMBLE services. A security vulnerability exists in Common that stems from an incorrectly validated JSON network token. An attacker could use this vulnerability to forge a valid JWT, which could lead to an authentication...

6.5CVSS6.6AI score0.0109EPSS
Exploits0References5
OSV
OSV
added 2019/03/21 4:0 p.m.2 views

CVE-2018-18881

A Denial of Service DOS issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05. An authenticated user can configure invalid network settings, stopping TCP based communications to the device. A physical factory rese...

6.5CVSS5.8AI score0.016EPSS
Exploits0References2
OSV
OSV
added 2014/04/28 2:9 p.m.3 views

DEBIAN-CVE-2014-0187

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...

9CVSS6.4AI score0.02942EPSS
Exploits0References1
securityvulns
securityvulns
added 2005/07/09 12:0 a.m.21 views

PrivaShare Peer-to-Peer Chat and File Sharing Application DoS

Denial of service on invalid network message...

2.7AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2004/06/09 12:0 a.m.33 views

Microsoft DirectPlay DoS

Invalid network packets parsing...

3.6AI score
Exploits0References1Affected Software2
Rows per page
Query Builder