Lucene search
K

1253 matches found

Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.16 views

PT-2026-39249

Name of the Vulnerable Software and Affected Versions free5GC versions prior to 4.2.2 Description The Network Exposure Function NEF in free5GC terminates the entire process when a stored PFD-subscription notifyUri cannot be reached. This occurs within the PfdChangeNotifier.FlushNotifications...

7.5CVSS5.8AI score0.00404EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.15 views

PT-2026-38969

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A synchronization bug exists in the amdgpu dma buf move notify function within the drm/amdgpu component. The issue occurs when a buffer object BO is moved by one process, requiring other...

5.5CVSS5.7AI score0.00122EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/07 2:18 a.m.11 views

SUSE CVE-2026-43103

In the Linux kernel, the following vulnerability has been resolved: net: lapbether: handle NETDEVPRETYPECHANGE lapbethdatatransmit expects the underlying device type to be ARPHRDETHER. Returning NOTIFYBAD from lapbethdeviceevent makes sure bonding driver can not break this expectation...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:40 a.m.8 views

CVE-2026-43103

In the Linux kernel, the following vulnerability has been resolved: net: lapbether: handle NETDEVPRETYPECHANGE lapbethdatatransmit expects the underlying device type to be ARPHRDETHER. Returning NOTIFYBAD from lapbethdeviceevent makes sure bonding driver can not break this expectation...

5.7AI score0.00123EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.13 views

PT-2026-37413

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the lapbether network driver where the lapbeth data transmit function expects the underlying device type to be ARPHRD ETHER. The issue is addressed by returning NOTIFY B...

5.5CVSS5.4AI score0.00123EPSS
Exploits0References20
Github Security Blog
Github Security Blog
added 2026/05/05 7:11 p.m.13 views

AVideo: HTML Injection in notifySubscribers.json.php Allows Platform-Branded Phishing Emails to Channel Subscribers

Summary objects/notifySubscribers.json.php takes the raw message POST parameter and passes it into sendSiteEmail, which substitutes it directly into an HTML email template via strreplace on the message placeholder and renders it with PHPMailer::msgHTML. There is no HTML sanitization, character...

6.4CVSS5.9AI score0.00156EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/02 2:47 a.m.6 views

CVE-2026-7518

A flaw has been found in Open5GS up to 2.7.7. This issue affects the function amfnamfcallbackhandlesdmdatachangenotify of the file /namf-callback/v1/id/sdmsubscription-notify of the component AMF SBI Endpoint. This manipulation of the argument changeItem.newValue causes denial of service. The...

5.3CVSS5.5AI score0.00364EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/01 2:14 p.m.8 views

EUVD-2026-26542

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: validate connector number in ucsinotifycommon The connector number extracted from CCI via UCSICCICONNECTOR is a 7-bit field 0-127 that is used to index into the connector array in ucsiconnectorchange. However, t...

5.8AI score0.00129EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/01 2:14 p.m.5 views

CVE-2026-31729

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: validate connector number in ucsinotifycommon The connector number extracted from CCI via UCSICCICONNECTOR is a 7-bit field 0-127 that is used to index into the connector array in ucsiconnectorchange. However, t...

7.8CVSS5.7AI score0.00129EPSS
Exploits0
OSV
OSV
added 2026/05/01 1:12 p.m.37 views

CLSA-2026-1777614769 kernel: Fix of 13 CVEs

crypto: algifaead - Fix minimum RX size check for decryption - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl - crypto: authencesn - Fix src offset when decrypting in-place - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption - crypto: authenc - use...

7.8CVSS7.4AI score0.00258EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/01 12:30 a.m.36 views

CVE-2026-7518 Open5GS AMF SBI Endpoint sdmsubscription-notify amf_namf_callback_handle_sdm_data_change_notify denial of service

A flaw has been found in Open5GS up to 2.7.7. This issue affects the function amfnamfcallbackhandlesdmdatachangenotify of the file /namf-callback/v1/id/sdmsubscription-notify of the component AMF SBI Endpoint. This manipulation of the argument changeItem.newValue causes denial of service. The...

5.3CVSS0.00364EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/01 12:30 a.m.4 views

CVE-2026-7518 Open5GS AMF SBI Endpoint sdmsubscription-notify amf_namf_callback_handle_sdm_data_change_notify denial of service

A flaw has been found in Open5GS up to 2.7.7. This issue affects the function amfnamfcallbackhandlesdmdatachangenotify of the file /namf-callback/v1/id/sdmsubscription-notify of the component AMF SBI Endpoint. This manipulation of the argument changeItem.newValue causes denial of service. The...

5.3CVSS5.5AI score0.00364EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/01 12:30 a.m.5 views

CVE-2026-7518

A flaw has been found in Open5GS up to 2.7.7. This issue affects the function amfnamfcallbackhandlesdmdatachangenotify of the file /namf-callback/v1/id/sdmsubscription-notify of the component AMF SBI Endpoint. This manipulation of the argument changeItem.newValue causes denial of service. The...

5.3CVSS5.1AI score0.00364EPSS
Exploits0References5
CVE
CVE
added 2026/05/01 12:30 a.m.28 views

CVE-2026-7518

Open5GS AMF SBI Endpoint (named path /namf-callback/v1/{id}/sdmsubscription-notify) is affected up to version 2.7.7. The vulnerability arises in amf_namf_callback_handle_sdm_data_change_notify where manipulation of changeItem.newValue leads to denial of service. The issue can be triggered remotel...

5.3CVSS4.9AI score0.00364EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.9 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the amfnamfcallbackhandlesdmdatachangenotify function in the AMF...

5.3CVSS5.8AI score0.00364EPSS
Exploits0References1
OSV
OSV
added 2026/04/24 3:16 p.m.4 views

DEBIAN-CVE-2026-31544

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: armscmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmieventhandlergetops expect a...

5.5CVSS5.3AI score0.00121EPSS
Exploits0References1
NVD
NVD
added 2026/04/24 3:16 p.m.4 views

CVE-2026-31544

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: armscmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmieventhandlergetops expect a...

5.5CVSS0.00121EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/24 2:33 p.m.6 views

EUVD-2026-25437

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: armscmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmieventhandlergetops expect a...

5.3AI score0.00121EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:33 p.m.3 views

CVE-2026-31544

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: armscmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmieventhandlergetops expect a...

5.3AI score0.00121EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/04/24 2:33 p.m.10 views

CVE-2026-31544

The CVE-2026-31544 issue affects the Linux kernel firmware component arm_scmi, where the helper __scmi_event_handler_get_ops could yield a NULL instead of an ERR_PTR when an event handler is missing or not created. This caused a NULL dereference in the notify error path, potentially leading to a ...

5.5CVSS5.3AI score0.00121EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder