Lucene search
K

28 matches found

NVD
NVD
added 2025/12/18 7:16 p.m.3 views

CVE-2025-65565

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association is established, a PFCP Session Establishment Request that is missing the mandatory F-SEID CPF-SEID Information Element is not properly validated. The...

7.5CVSS0.00347EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.11 views

PT-2025-52289

Name of the Vulnerable Software and Affected Versions omec-project UPF version 2.1.3-dev Description A denial-of-service issue exists in the omec-project UPF pfcpiface component. Specifically, when a PFCP Session Establishment Request is sent to the UPF’s N4/PFCP endpoint without the mandatory...

7.5CVSS6.5AI score0.00347EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/18 12:0 a.m.3 views

CVE-2025-65565

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association is established, a PFCP Session Establishment Request that is missing the mandatory F-SEID CPF-SEID Information Element is not properly validated. The...

6.4AI score0.00347EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/12/18 12:0 a.m.3 views

CVE-2025-65566

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Session Report Response that is missing the mandatory Cause Information Element, the session report handler dereferences a nil pointer instead ...

6.3AI score0.00285EPSS
Exploits1References1
CVE
CVE
added 2025/12/18 12:0 a.m.12 views

CVE-2025-65563

CVE-2025-65563 affects omec-project UPF (upf-epc/pfcpiface). A NULL pointer dereference occurs in the association setup handler when a PFCP Association Setup Request omits the mandatory NodeID Information Element, causing a panic and UPF process termination. An attacker able to send PFCP Associat...

7.5CVSS6.4AI score0.00369EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/12/18 12:0 a.m.16 views

CVE-2025-65565

CVE-2025-65565 affects the omec-project UPF pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request missing the mandatory F-SEID Information Element can cause the session establishment handler to call IE.FSEID() on a nil pointer, triggering a panic and terminating the UP...

7.5CVSS6.4AI score0.00347EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/12/08 10:20 p.m.3 views

GHSA-M6WQ-66P2-C8PC Babylon Nil BlockHash in BLS vote extensions triggers panics in consensus handlers

Summary A vulnerability exists in Babylon’s BLS vote extension processing where a malicious active validator can submit a VoteExtension with the blockhash field omitted from the protobuf serialization. Because protobuf fields are optional, unmarshalling succeeds but leaves BlockHash as nil. Babyl...

8.7CVSS7.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/10/30 12:0 a.m.6 views

PT-2023-29922 · Quic-Go · Quic-Go

Name of the Vulnerable Software and Affected Versions: quic-go versions 0.37.0 through 0.37.2 Description: The issue arises from serializing an ACK frame after the CRYPTO frame, allowing a node to complete the handshake. This can trigger a nil pointer dereference when the node attempts to drop th...

7.5CVSS7.3AI score0.00765EPSS
Exploits0References13
Rows per page
Query Builder