6 matches found
CVE-2026-44320
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-callback route group without inbound OAuth2/bearer-token authorization. A forged or arbitrary bearer token e.g. Authorization: Bearer not-a-real-token is enough to reach the SMF-callback...
BIT-PHP-2026-7259 Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to a NULL pointer dereference, resulting in a segmentation fault and denial of service. The vulnerability is exploitable when...
MiracleLinux 3 : libvirt-0.6.3-33.3.0.1.AXS3 (AXSA:2010-411:04)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-411:04 advisory. Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. Security issues fixed with this...
kernel: Linux kernel iavf driver: Denial of Service via use-after-free vulnerability
A flaw was found in the Linux kernel's iavf driver. A local user with administrative capabilities can exploit a use-after-free vulnerability, caused by a mismatch in network interface NAPI list management functions. This can lead to dangling NAPI entries, resulting in a kernel crash and a Denial ...
PT-2023-6554 · Linux +9 · Linux Kernel +9
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events perf component can be exploited to achieve local privilege escalation. If perf read group...
Arista Strata 安全漏洞
Arista Networks Arista Strata is a network switch from Arista Networks. A security vulnerability exists in the Arista Strata that stems from a mismatch in the IP protocol field between a rule in a port's IPv4 access list and a rule on a "vxlan" as a protocol...