CVE-2025-15529

A vulnerability was found in Open5GS up to 2.7.6. Affected by this issue is the function sgwcs5chandlecreatesessionresponse of the file src/sgwc/s5c-handler.c. Performing a manipulation results in denial of service. Remote exploitation of the attack is possible. The exploit has been made public a...

CVE-2025-15529 Open5GS s5c-handler.c sgwc_s5c_handle_create_session_response denial of service

A vulnerability was found in Open5GS up to 2.7.6. Affected by this issue is the function sgwcs5chandlecreatesessionresponse of the file src/sgwc/s5c-handler.c. Performing a manipulation results in denial of service. Remote exploitation of the attack is possible. The exploit has been made public a...

CVE-2025-15529

Open5GS up to 2.7.6 is affected. The vulnerability lies in the sgwc_s5c_handle_create_session_response function in src/sgwc/s5c-handler.c; manipulation can cause a denial of service. Remote exploitation is possible and the exploit has been publicly released. A patch exists named b19cf6a2dbf5d3081...

CVE-2025-15528 Open5GS GTPv2 Bearer Response denial of service

A vulnerability has been found in Open5GS up to 2.7.6. Affected by this vulnerability is an unknown functionality of the component GTPv2 Bearer Response Handler. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may...

CVE-2025-15528

A vulnerability has been found in Open5GS up to 2.7.6. Affected by this vulnerability is an unknown functionality of the component GTPv2 Bearer Response Handler. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may...

PT-2026-3328

Name of the Vulnerable Software and Affected Versions Open5GS versions up to 2.7.6 Description A denial-of-service issue exists in Open5GS, specifically within the SGW-C Serving Gateway Control plane component. The issue resides in the handling of Create Session Response messages and affects the...

PT-2026-3327

Name of the Vulnerable Software and Affected Versions Open5GS versions through 2.7.6 Description A flaw exists in Open5GS related to the GTPv2 Bearer Response Handler component. This issue can be exploited remotely to cause a denial of service. The exploit details have been publicly disclosed...

Hanwha Vision Camera Improper Neutralization of Input During Web Page Generation (CVE-2025-8075)

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered that validation of incoming XML format request messages is inadequate. This vulnerability could allow an attacker to XSS on the user's browser. The...

Linux Distros Unpatched Vulnerability : CVE-2025-71105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: use global inlinexattrslab instead of per-sb slab cache As Hong Yun reported in mailing list: loop7: detected capacity change from 0 to 131072 -----------...

TencentOS Server 3: binutils (TSSA-2025:0988)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0988 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

PT-2026-2334

Name of the Vulnerable Software and Affected Versions SAP S/4HANA Private Cloud and On-Premise affected versions not specified Description The software contains a flaw in a function module exposed via Remote Function Call RFC. An attacker with administrative privileges can exploit this to inject...

Linux Distros Unpatched Vulnerability : CVE-2025-71068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - svcrdma: bound check rqpages index in inline path svcrdmacopyinlinerange indexed rqstp-rqpagesrccurpage without verifying rccurpage stays within the allocated...

Linux Distros Unpatched Vulnerability : CVE-2025-71077

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tpm: Cap the number of PCR banks tpm2getpcrallocation does not cap any upper limit for the number of banks. Cap the limit to eight banks so that out of bounds...

MiracleLinux 7 : ImageMagick-6.9.10.68-7.0.6.el7.AXS7 (AXSA:2025-10923:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10923:03 advisory. CVE-2025-53019: fix memory leak in StreamImage Fix the patch for CVE-2022-32546 CVEs: CVE-2025-53019 ImageMagick is free and open-source software used for...

CVE-2025-61664 affecting package grub2 for versions less than 2.06-26

CVE-2025-61664 affecting package grub2 for versions less than 2.06-26. A patched version of the package is available...

CVE-2025-13837 affecting package python3 for versions less than 3.12.9-7

CVE-2025-13837 affecting package python3 for versions less than 3.12.9-7. A patched version of the package is available...

CVE-2026-0822 quickjs-ng quickjs quickjs.c js_typed_array_sort heap-based overflow

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...

CVE-2026-0822

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...

CVE-2026-0821

A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function jstypedarrayconstructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed a...

CVE-2025-15504

The vulnerability is in lief-project LIEF up to 0.17.1, affecting the ELF Binary Parser’s function Parser::parse_binary in src/ELF/Parser.tcc and causing a null pointer dereference . Exploitation requires local access; a public exploit exists. Upgrade to version 0.17.2 to resolve the issue (patch...