10 matches found
CVE-2026-7583 Open5GS BSF context.c bsf_sess_find_by_ipv6prefix denial of service
A flaw has been found in Open5GS up to 2.7.7. This issue affects the function bsfsessfindbyipv6prefix of the file /src/bsf/context.c of the component BSF. This manipulation of the argument ipv6Prefix causes denial of service. It is possible to initiate the attack remotely. The exploit has been...
File Browser has an access rule bypass via HasPrefix without trailing separator in path matching
Hi, The Matches function in rules/rules.go uses strings.HasPrefix without a trailing directory separator when matching paths against access rules. A rule for /uploads also matches /uploadsbackup/, granting or denying access to unintended directories. Verified against v2.62.2 commit 860c19d. Detai...
expat: large number of colons in input makes parser consume high amount of resources, leading to DoS
It was discovered that the "setElementTypePrefix" function incorrectly extracted XML namespace prefixes. By tricking an application into processing a specially crafted XML file, an attacker could cause unusually high consumption of memory resources and possibly lead to a denial of service...
SUSE CVE-2013-1772
The logprefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service buffer overflow and system crash by leveraging /dev/kmsg write access and triggering a...
SUSE CVE-2015-1270
The ucnviogetConverterName function in common/ucnvio.cpp in International Components for Unicode ICU, as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service read of uninitialized memory or...
A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
...
DEBIAN-CVE-2013-1772
The logprefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service buffer overflow and system crash by leveraging /dev/kmsg write access and triggering a...
Mandriva Update for iproute2 MDVA-2010:137 (iproute2)
Check for the Version of iproute2 OpenVAS Vulnerability Test Mandriva Update for iproute2 MDVA-2010:137 iproute2 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Mandriva Update for iproute2 MDVA-2010:137 (iproute2)
Check for the Version of iproute2 OpenVAS Vulnerability Test Mandriva Update for iproute2 MDVA-2010:137 iproute2 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Researcher Publishes Valid Wildcard SSL Certificate
In the wake of Moxie Marlinspike’s SSL talk at Black Hat this summer, another security researcher has used the technique described in the talk to create and publish a valid wildcard certificate and private key that could be used to fool browsers into believing a site is legitimate when it is in...