167 matches found
CVE-2026-42936
The installer of HYPER SBI 2 insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...
CVE-2026-42936
The installer of HYPER SBI 2 insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...
CVE-2026-42936
The installer of HYPER SBI 2 insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...
CVE-2026-12002
The CVE-2026-12002 entry concerns the Smash Balloon Social Photo Feed – Easy Social Feeds Plugin for WordPress. A CSRF vulnerability exists in all versions up to and including 6.11.1 due to missing/incorrect nonce validation in the maybe_connection_data function. This allows unauthenticated attac...
SUSE CVE-2026-53303
In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...
CVE-2026-53303
Technical details for CVE-2026-53303 are not publicly provided in the supplied documents; monitoring for updates is advised.
EUVD-2026-39838
In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...
CVE-2026-53303
In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...
SUSE CVE-2026-53272
In the Linux kernel, the following vulnerability has been resolved: erofs: fix use-after-free on sbi-syncdecompress zerofsdecompresskickoff can race with filesystem unmount, causing a use-after-free on sbi-syncdecompress. When I/O completes, zerofsendio calls zerofsdecompresskickoff to queue...
PT-2026-52367
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the erofs component. The z erofs decompress kickoff function can race with the filesystem unmount process, leading to a use-after-free on sbi-sync...
CVE-2026-8292
A security vulnerability has been detected in Open5GS up to 2.7.7. The affected element is the function yuarelparse in the library /lib/sbi/conv.c of the component NRF. Such manipulation of the argument hnrf-uri leads to denial of service. The attack may be performed from remote. The exploit has...
CVE-2026-10116
A security flaw has been discovered in Open5GS up to 2.7.7. This vulnerability affects the function ogssbixactadd in the library /lib/core/ogs-timer.c of the component ue-authentications Endpoint. Performing a manipulation results in denial of service. The attack may be initiated remotely. The...
CVE-2026-10116 Open5GS ue-authentications Endpoint ogs-timer.c ogs_sbi_xact_add denial of service
A security flaw has been discovered in Open5GS up to 2.7.7. This vulnerability affects the function ogssbixactadd in the library /lib/core/ogs-timer.c of the component ue-authentications Endpoint. Performing a manipulation results in denial of service. The attack may be initiated remotely. The...
CVE-2026-10116
Technical details are not publicly available in the provided documents. Monitor for updates. The description notes a denial‑of‑service vulnerability in Open5GS (ogs_sbi_xact_add in ogs-timer.c).
CVE-2026-10114
Open5GS up to 2.7.7 is affected by an out-of-bounds write in handle_scp_info (lib/sbi/nnrf-handler.c) within the Shared NF-profile Parser. The issue can be triggered remotely and is linked to a publicly disclosed exploit. Remediation guidance in the sources is to deploy an official patch; no addi...
Open5GS 安全漏洞
Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the ue-authentications Endpoint component’s ogssbixactadd...
PT-2026-45093
A security flaw has been discovered in Open5GS up to 2.7.7. This vulnerability affects the function ogs sbi xact add in the library /lib/core/ogs-timer.c of the component ue-authentications Endpoint. Performing a manipulation results in denial of service. The attack may be initiated remotely. The...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: checked the validation of faultattrs in f2fsbuildfaultattr. It failed to check the validation of faultattrs in parseoptions; we will fix this by adding a check condition in f2fsbuildfaultattr. Also, use f2fsbuildfaultatt...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: riscv: trace: fix snapshot deadlock with sbi ecall If the functions in sbiecall.c are traceable, the command: echo "sbiecall:snapshot" /sys/kernel/tracing/setftracefilter can cause the kernel to enter a deadlock. Functions in...
CVE-2026-8731
A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function ogssbiclientadd in the library /lib/sbi/client.c of the component NRF. The manipulation of the argument clientpool leads to denial of service. It is possible to initiate the attack remotely. The exploit has been...