Lucene search
K

84 matches found

UbuntuCve
UbuntuCve
added 2026/03/20 12:0 a.m.3 views

CVE-2026-33064

Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm-subscriptions endpoint. A remote attacker can cause the UDM service to panic and crash by sending ...

8.7CVSS5.8AI score0.00486EPSS
Exploits1References5
OSV
OSV
added 2026/03/20 12:0 a.m.5 views

UBUNTU-CVE-2026-33064

Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm-subscriptions endpoint. A remote attacker can cause the UDM service to panic and crash by sending ...

8.7CVSS5.8AI score0.00486EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.10 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 1.4.2 contained a security vulnerability caused by a null pointer dereferencing at the /sdm-subscriptions endpoint, which could lead to denial-of-service attacks...

8.7CVSS6.4AI score0.00486EPSS
Exploits1References4
OSV
OSV
added 2026/03/18 8:11 p.m.7 views

GHSA-5RVC-5CWX-G5X8 free5GC UDM incorrectly returns 500 for empty supi path parameter in PATCH sdm-subscriptions reques

Impact This is an Improper Error Handling vulnerability with Information Exposure implications, combined with an HTTP Method Translation issue. - Security Impact: The UDM incorrectly converts a downstream 400 Bad Request from UDR into a 500 Internal Server Error when handling PATCH requests with ...

8.7CVSS5.7AI score0.00321EPSS
Exploits1References5
OSV
OSV
added 2026/03/18 8:11 p.m.5 views

GHSA-P9HG-PQ3Q-V9GV free5GC UDM vulnerable to null byte injection in URL path parameters causing 500 Internal Server Error

Impact This is an Improper Input Validation vulnerability with Denial of Service and Injection implications. - Security Impact: A remote attacker can inject null bytes URL-encoded as %00 into the supi path parameter of the UDM's NudmSubscriberDataManagement API. This causes URL parsing failure in...

8.7CVSS5.8AI score0.00354EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/03/18 8:7 p.m.11 views

free5GC UDM incorrectly returns 500 for empty supi path parameter in DELETE sdm-subscriptions request

Impact This is an Improper Error Handling vulnerability with Information Exposure implications. - Security Impact: The UDM incorrectly converts a downstream 400 Bad Request from UDR into a 500 Internal Server Error when handling DELETE requests with an empty supi path parameter. This leaks intern...

6.9CVSS5.7AI score0.00282EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2025/10/07 6:21 p.m.9 views

CVE-2025-3449

The CVE-2025-3449 issue affects the SDM component of B&R Automation Runtime, before version 6.4. Root cause: generation of predictable numbers/identifiers that can be exploited by an unauthenticated, network-based attacker. Impact: potential takeover of already established sessions. Documented in...

4.2CVSS6.6AI score0.00184EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/07 6:21 p.m.10 views

CVE-2025-3449 Weak Session Token used in Automation Runtime SDM

A Generation of Predictable Numbers or Identifiers vulnerability in the SDM component of B&R Automation Runtime versions before 6.4 may allow an unauthenticated network-based attacker to take over already established sessions...

4.2CVSS0.00184EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/07 6:21 p.m.3 views

CVE-2025-3449 Weak Session Token used in Automation Runtime SDM

A Generation of Predictable Numbers or Identifiers vulnerability in the SDM component of B&R Automation Runtime versions before 6.4 may allow an unauthenticated network-based attacker to take over already established sessions...

4.2CVSS6.6AI score0.00184EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-5349

Malware in sbrugna...

6.9CVSS6.4AI score0.00353EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/07 12:0 a.m.4 views

B&R Automation Runtime 安全漏洞

B&R Automation Runtime is an automation runtime from B&R Automation. A security vulnerability exists in B&R Automation Runtime versions prior to 6.4 that stems from the SDM component's generation of predictable numbers or identifiers, which could lead to an unauthenticated cyber attacker taking...

4.2CVSS6.8AI score0.00184EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/07 12:0 a.m.5 views

B&R Automation Runtime 安全漏洞

B&R Automation Runtime is an automation runtime from B&R Automation. A security vulnerability exists in B&R Automation Runtime versions prior to 6.3 and prior to Q4.93 that stems from improper resource locking of the SDM component, which could lead to a denial of service...

10CVSS6.6AI score0.0026EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-45612

Malicious code in bioql PyPI...

7.6CVSS6.6AI score0.00328EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:16 a.m.8 views

CVE-2023-41092

Unchecked return value in SDM firmware for IntelR Stratix 10 and IntelR Agilex 7 FPGAs before version 23.3 may allow an authenticated user to potentially enable denial of service via adjacent access...

7.6CVSS6.8AI score0.00328EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/21 11:3 p.m.11 views

CVE-2008-5372

sdm-login in sdm-terminal 0.4.0b allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sdm.autologin.once temporary file...

6.9CVSS6.7AI score0.00353EPSS
Exploits0References1
CVE
CVE
added 2024/11/05 5:10 p.m.165 views

CVE-2024-50115

CVE-2024-50115 is a Linux kernel vulnerability affecting KVM nSVM where loading PDPTEs from memory incorrectly handles nCR3[4:0]. The issue can cause an out-of-bounds read if a target page is at the end of a memslot, due to not enforcing 32-byte alignment when PAE paging is used. The root cause i...

7.1CVSS6.7AI score0.00243EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2024/11/05 5:10 p.m.23 views

CVE-2024-50115 KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory Ignore nCR34:0 when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforce 32-byte alignment of...

0.00243EPSS
Exploits0References6
NVD
NVD
added 2024/10/29 1:15 a.m.20 views

CVE-2024-50072

In the Linux kernel, the following vulnerability has been resolved: x86/bugs: Use code segment selector for VERW operand Robert Gill reported below GP in 32-bit mode when dosemu software was executing vm86 system call: general protection fault: 0000 1 PREEMPT SMP CPU: 4 PID: 4610 Comm: dosemu.bin...

5.5CVSS0.00231EPSS
Exploits0References8
Cvelist
Cvelist
added 2024/10/29 12:50 a.m.21 views

CVE-2024-50072 x86/bugs: Use code segment selector for VERW operand

In the Linux kernel, the following vulnerability has been resolved: x86/bugs: Use code segment selector for VERW operand Robert Gill reported below GP in 32-bit mode when dosemu software was executing vm86 system call: general protection fault: 0000 1 PREEMPT SMP CPU: 4 PID: 4610 Comm: dosemu.bin...

0.00231EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2024/10/29 12:50 a.m.12 views

CVE-2024-50072

In the Linux kernel, the following vulnerability has been resolved: x86/bugs: Use code segment selector for VERW operand Robert Gill reported below GP in 32-bit mode when dosemu software was executing vm86 system call: general protection fault: 0000 1 PREEMPT SMP CPU: 4 PID: 4610 Comm: dosemu.bin...

5.5CVSS6AI score0.00231EPSS
Exploits0
Rows per page
Query Builder