Lucene search
K

3708 matches found

Amd
Amd
added 2026/05/12 12:0 a.m.16 views

Quality-of-Service Feature Side Channels

Revisions Revision Date| Description ---|--- 2026-05-12| Initial publication...

5.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/11 12:30 p.m.6 views

CVE-2026-8289

A vulnerability was identified in Open5GS up to 2.7.7. This vulnerability affects the function smfnsmfhandleupdatedatainvsmf of the file /src/smf/nsmf-handler.c of the component SMF. The manipulation of the argument qosFlowProfile leads to denial of service. Remote exploitation of the attack is...

5.3CVSS5.5AI score0.00372EPSS
Exploits1References5
CVE
CVE
added 2026/05/11 12:30 p.m.19 views

CVE-2026-8289

Technical details (affected software, root cause, impact, and remediation) are not publicly available in the provided documents. Monitor for updates.

6.5CVSS5.5AI score0.00372EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/05/11 12:15 p.m.23 views

CVE-2026-8288

Open5GS SMF vulnerability CVE-2026-8288 affects the gsm_handle_pdu_session_modification_qos_flow_descriptions function in gsm-handler.c. Input manipulation of n1SmMsg can trigger a denial of service, with remote exploitation and a publicly disclosed exploit. A fix is proposed in a pull request aw...

6.5CVSS5.5AI score0.00378EPSS
Exploits1References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/11 3:45 a.m.7 views

CVE-2026-8270

A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogsnasparseqosrules of the component SMF. Executing a manipulation can lead to denial of service. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The proje...

5.3CVSS5.5AI score0.0038EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.15 views

PT-2026-39596

A vulnerability was identified in Open5GS up to 2.7.7. This vulnerability affects the function smf nsmf handle update data in vsmf of the file /src/smf/nsmf-handler.c of the component SMF. The manipulation of the argument qosFlowProfile leads to denial of service. Remote exploitation of the attac...

5.3CVSS5.5AI score0.00372EPSS
Exploits1References6
NVD
NVD
added 2026/05/10 11:16 p.m.28 views

CVE-2026-8251

A vulnerability was found in Open5GS up to 2.7.7. This impacts the function updateauthorizedpccruleandqos of the file /src/smf/npcf-handler.c of the component SMF. Performing a manipulation results in denial of service. The attack is possible to be carried out remotely. The exploit has been made...

6.5CVSS0.00461EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/05/10 11:0 p.m.49 views

CVE-2026-8251 Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qos denial of service

A vulnerability was found in Open5GS up to 2.7.7. This impacts the function updateauthorizedpccruleandqos of the file /src/smf/npcf-handler.c of the component SMF. Performing a manipulation results in denial of service. The attack is possible to be carried out remotely. The exploit has been made...

5.3CVSS0.00461EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/05/10 10:45 p.m.44 views

CVE-2026-8250 Open5GS SMF n4-build.c smf_n4_build_qos_flow_to_modify_list denial of service

A vulnerability has been found in Open5GS up to 2.7.7. This affects the function smfn4buildqosflowtomodifylist of the file /src/smf/n4-build.c of the component SMF. Such manipulation leads to denial of service. The attack can be executed remotely. The exploit has been disclosed to the public and...

5.3CVSS0.00372EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/05/10 10:30 p.m.51 views

CVE-2026-8249 Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qos denial of service

A flaw has been found in Open5GS up to 2.7.7. The impacted element is the function updateauthorizedpccruleandqos of the file /src/smf/npcf-handler.c of the component SMF. This manipulation causes denial of service. Remote exploitation of the attack is possible. The exploit has been published and...

5.3CVSS0.00372EPSS
Exploits1References5
CVE
CVE
added 2026/05/10 10:30 p.m.21 views

CVE-2026-8249

Open5GS up to version 2.7.7 is affected. The vulnerable element is the function update_authorized_pcc_rule_and_qos in file /src/smf/npcf-handler.c (SMF component). The issue allows remote denial of service through manipulation described in the CVE, with exploitation possible and an exploit publis...

6.5CVSS5.3AI score0.00372EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.18 views

PT-2026-39544

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.8 Description A remote denial of service issue exists in the SMF component. The flaw is located in the update authorized pcc rule and qos function within the /src/smf/npcf-handler.c file. Manipulation of this...

5.3CVSS5.8AI score0.00461EPSS
Exploits1References9
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.9 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the updateauthorizedpccruleandqos function in the SMF component...

6.5CVSS5.8AI score0.00372EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.26 views

PT-2026-39542

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.8 Description A flaw in the SMF component allows remote attackers to cause a denial of service. The issue exists within the update authorized pcc rule and qos function located in the /src/smf/npcf-handler.c file...

5.3CVSS5.8AI score0.00372EPSS
Exploits1References7
EUVD
EUVD
added 2026/05/08 3:31 p.m.12 views

EUVD-2026-28707

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix NULL pointer dereference in updatecpuqosrequest The updatecpuqosrequest function attempts to initialize the 'freq' variable by dereferencing 'cpudata' before verifying if the 'policy' is valid. This issu...

5.8AI score0.00121EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43401

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix NULL pointer dereference in updatecpuqosrequest The...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References3
hivepro
hivepro
added 2026/05/07 4:45 a.m.9 views

Cyber Insurance Requirements for Cybersecurity

Cyber Insurance Requirements for Cybersecurity Cyber insurance requirements cybersecurity teams face today are stricter than they were even a few years ago. Underwriters no longer accept a simple security questionnaire and a list of tools. They want evidence that your organization can identify...

5.9AI score
Exploits0
Qualys Blog
Qualys Blog
added 2026/05/06 4:0 p.m.9 views

Before the Breach, There Was a Test Environment

Key Takeaways Most security failures do not begin where they are discovered. By the time risk becomes visible in production, the decisions that created it are often already sitting in test environments. “Temporary” test infrastructure often becomes permanent, creating persistent misconfigurations...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/05 12:0 a.m.12 views

Root-Cause-Driven Automated Vulnerability Repair

Recent LLM-based systems have made automated vulnerability repair increasingly practical, but two challenges remain. First, without strong signals about where a bug originates, repair agents drift toward shallow edits that silence the observed failure while leaving the underlying defect unresolve...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/05 12:0 a.m.16 views

Generating Proof-Of-Vulnerability Tests to Help Enhance the Security of Complex Software

Developers create modern software applications Apps on top of third-party libraries Libs. When library vulnerabilities are reachable through application code, the applications can be vulnerable to software supply chain attacks. Prior work shows that developers often require concrete and executabl...

6AI score
Exploits0
Rows per page
Query Builder