CVE-2025-15555

A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function hssogsdiamcxmarcb of the file src/hss/hss-cx-path.c of the component VoLTE Cx-Test. The manipulation of the argument OGSKEYLEN results in stack-based buffer overflow. The attack may be...

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.6 and earlier contain security vulnerabilities. These vulnerabilities stem from improper handling of the OGSKEYLEN parameter in the function...

PT-2026-5891

Name of the Vulnerable Software and Affected Versions Open5GS versions through 2.7.6 Description A security flaw exists in Open5GS. The issue involves a stack-based buffer overflow in the hss ogs diam cx mar cb function within the src/hss/hss-cx-path.c file, part of the VoLTE Cx-Test component. T...

CLSA-2026-1770028764 kernel: Fix of 14 CVEs

efivarfs: Fix slab-out-of-bounds in efivarfsdcompare CVE-2025-39817 - scsi: ses: Fix possible descptr out-of-bounds accesses CVE-2023-53675 - ipv6: Fix out-of-bounds access in ipv6findtlv CVE-2023-53705 - libceph: fix potential use-after-free in havemonandosdmap CVE-2025-68285 - scsi: lpfc: Fix...

kernel: Linux kernel (openvswitch): Denial of Service and limited data exposure via improper key length validation

A flaw was found in the Linux kernel's openvswitch virtual environment. A local attacker with low privileges could exploit improper data and key length validation in the set action. This could lead to a denial of service, making the system unresponsive, and potentially result in limited informati...

kernel: Linux kernel (openvswitch): Denial of Service and limited data exposure via improper key length validation

A flaw was found in the Linux kernel's openvswitch virtual environment. A local attacker with low privileges could exploit improper data and key length validation in the set action. This could lead to a denial of service, making the system unresponsive, and potentially result in limited informati...

openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file

A flaw was found in OpenSSL. When an application processes a maliciously crafted PKCS12 file, an attacker can exploit a stack buffer overflow or a NULL pointer dereference. This can lead to a denial of service DoS by crashing the application, and in some cases, may enable arbitrary code execution...

kernel: Linux kernel (openvswitch): Denial of Service and limited data exposure via improper key length validation

A flaw was found in the Linux kernel's openvswitch virtual environment. A local attacker with low privileges could exploit improper data and key length validation in the set action. This could lead to a denial of service, making the system unresponsive, and potentially result in limited informati...

kernel: Linux kernel (openvswitch): Denial of Service and limited data exposure via improper key length validation

A flaw was found in the Linux kernel's openvswitch virtual environment. A local attacker with low privileges could exploit improper data and key length validation in the set action. This could lead to a denial of service, making the system unresponsive, and potentially result in limited informati...

kernel: Linux kernel (openvswitch): Denial of Service and limited data exposure via improper key length validation

A flaw was found in the Linux kernel's openvswitch virtual environment. A local attacker with low privileges could exploit improper data and key length validation in the set action. This could lead to a denial of service, making the system unresponsive, and potentially result in limited informati...

kernel: Linux kernel (openvswitch): Denial of Service and limited data exposure via improper key length validation

A flaw was found in the Linux kernel's openvswitch virtual environment. A local attacker with low privileges could exploit improper data and key length validation in the set action. This could lead to a denial of service, making the system unresponsive, and potentially result in limited informati...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37789)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37789 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004394)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004394 advisory. The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing t...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004044)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004044 advisory. The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing t...

MiracleLinux 4 : openswan-2.6.32-4.2.0.1.AXS4 (AXSA:2011-553:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2011-553:01 advisory. Openswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authenticatio...

CVE-2021-28846

A Format String vulnerablity exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service due to a logic bug at address 0x40dcd0 when calling fprintf with "%s: key len = %d, too long\...

CVE-2022-38493

Rhonabwy 0.9.99 through 1.1.x before 1.1.7 doesn't check the RSA private key length before RSA-OAEP decryption. This allows attackers to cause a Denial of Service via a crafted JWE JSON Web Encryption token...

CVE-2019-18863

A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900 SIP series phones, versions 5.1.0.2051 SP2 and earlier, could allow an attacker to launch a man-in-the-middle attack when SRTP is used in a call. A successful exploit may allow the attacker to intercep...

CVE-2023-54325

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix out-of-bounds read When preparing an AER-CTR request, the driver copies the key provided by the user into a data structure that is accessible by the firmware. If the target device is QAT GEN4, the key size is...

CVE-2023-54325

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix out-of-bounds read When preparing an AER-CTR request, the driver copies the key provided by the user into a data structure that is accessible by the firmware. If the target device is QAT GEN4, the key size is...