38 matches found
CVE-2026-44589
Nuxt OG Image generates OG Images with Vue templates in Nuxt. The isBlockedUrl denylist introduced in [email protected] to remediate GHSA-pqhr-mp3f-hrpp Dmitry Prokhorov / Positive Technologies, March 2026 is incomplete. It has an incomplete IPv6 prefix list and is missing redirect re-validatio...
CVE-2026-44589 nuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix (IPv6 + redirect)
Nuxt OG Image generates OG Images with Vue templates in Nuxt. The isBlockedUrl denylist introduced in [email protected] to remediate GHSA-pqhr-mp3f-hrpp Dmitry Prokhorov / Positive Technologies, March 2026 is incomplete. It has an incomplete IPv6 prefix list and is missing redirect re-validatio...
CVE-2026-8224
A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function pcfsesssetipv6prefix of the file /src/pcf/context.c of the component PCF. Executing a manipulation of the argument SmPolicyContextData.ipv6AddressPrefix can lead to denial of service. It is possible to...
GHSA-C2RM-G55X-8HR5 nuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix (IPv6 + redirect)
Summary The isBlockedUrl denylist introduced in [email protected] to remediate GHSA-pqhr-mp3f-hrpp Dmitry Prokhorov / Positive Technologies, March 2026 is incomplete. The patch advisory states "Decimal/hexadecimal IP encoding bypasses are also handled" — that part is true Node's WHATWG URL pars...
nuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix (IPv6 + redirect)
Summary The isBlockedUrl denylist introduced in [email protected] to remediate GHSA-pqhr-mp3f-hrpp Dmitry Prokhorov / Positive Technologies, March 2026 is incomplete. The patch advisory states "Decimal/hexadecimal IP encoding bypasses are also handled" — that part is true Node's WHATWG URL pars...
CVE-2026-7583
A flaw has been found in Open5GS up to 2.7.7. This issue affects the function bsfsessfindbyipv6prefix of the file /src/bsf/context.c of the component BSF. This manipulation of the argument ipv6Prefix causes denial of service. It is possible to initiate the attack remotely. The exploit has been...
CVE-2026-7583
A flaw has been found in Open5GS up to 2.7.7. This issue affects the function bsfsessfindbyipv6prefix of the file /src/bsf/context.c of the component BSF. This manipulation of the argument ipv6Prefix causes denial of service. It is possible to initiate the attack remotely. The exploit has been...
CVE-2026-7583 Open5GS BSF context.c bsf_sess_find_by_ipv6prefix denial of service
A flaw has been found in Open5GS up to 2.7.7. This issue affects the function bsfsessfindbyipv6prefix of the file /src/bsf/context.c of the component BSF. This manipulation of the argument ipv6Prefix causes denial of service. It is possible to initiate the attack remotely. The exploit has been...
EUVD-2026-26661
A flaw has been found in Open5GS up to 2.7.7. This issue affects the function bsfsessfindbyipv6prefix of the file /src/bsf/context.c of the component BSF. This manipulation of the argument ipv6Prefix causes denial of service. It is possible to initiate the attack remotely. The exploit has been...
CVE-2026-7583 Open5GS BSF context.c bsf_sess_find_by_ipv6prefix denial of service
A flaw has been found in Open5GS up to 2.7.7. This issue affects the function bsfsessfindbyipv6prefix of the file /src/bsf/context.c of the component BSF. This manipulation of the argument ipv6Prefix causes denial of service. It is possible to initiate the attack remotely. The exploit has been...
PT-2026-36483
A flaw has been found in Open5GS up to 2.7.7. This issue affects the function bsf sess find by ipv6prefix of the file /src/bsf/context.c of the component BSF. This manipulation of the argument ipv6Prefix causes denial of service. It is possible to initiate the attack remotely. The exploit has bee...
Open5GS 安全漏洞
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.7.7 and earlier, which stems from the incorrect operation of the parameter ipv6Prefix by the bsfsessfindbyipv6prefix...
EUVD-2011-3287
Malware in sbrugna...
EUVD-2003-0423
Malware in sbrugna...
EUVD-2015-8602
Malware in sbrugna...
EUVD-2021-2824
Malicious code in bioql PyPI...
EUVD-2023-32253
Malicious code in bioql PyPI...
CVE-2025-21993 iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()
In the Linux kernel, the following vulnerability has been resolved: iscsiibft: Fix UBSAN shift-out-of-bounds warning in ibftattrshownic When performing an iSCSI boot using IPv6, iscsistart still reads the /sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix length is 64, this...
PT-2024-14012 · Unknown · Contiki-Ng
Name of the Vulnerable Software and Affected Versions: Contiki-NG versions prior to the next release Description: An out-of-bounds read can be caused by an incoming DIO message when using the RPL-Lite implementation in the Contiki-NG operating system. The prefix information of the DIO message...
CVE-2023-28583 Double Free in Data Network Stack & Connectivity
Memory corruption when IPv6 prefix timer objects lifetime expires which are created while Netmgr daemon gets an IPv6 address...