719 matches found
UPF 安全漏洞
UPF is an open source user interface from the Aether SD-Core Project. A security vulnerability exists in UPF upf-epc-pfcpiface:version 2.1.3-dev, which originates from dereferencing a null pointer when processing a PFCP session report response that lacks a cause information element, which could...
CVE-2025-65564
The CVE-2025-65564 issue affects omec-upf (upf-epc-pfcpiface) 2.1.3-dev. The PFCP Association Setup Request, if missing the mandatory Recovery Time Stamp Information Element, triggers a nil-pointer dereference in the association setup handler and causes a panic, terminating the UPF process and po...
CVE-2025-65567
A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a specially crafted PFCP Session Establishment Request with a CreatePDR that contains a malformed Flow-Description is not robustly validated. The...
CVE-2025-65562
The free5GC UPF suffers from a lack of bounds checking on the SEID when processing PFCP Session Deletion Requests. An unauthenticated remote attacker can send a request with a very large SEID e.g., 0xFFFFFFFFFFFFFFFF that causes an integer conversion/underflow in LocalNode.DeleteSess /...
CVE-2025-65566
A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Session Report Response that is missing the mandatory Cause Information Element, the session report handler dereferences a nil pointer instead ...
free5GC 安全漏洞
free5GC is a 5th Generation 5G mobile core network open source project by free5GC Open Source. A security vulnerability exists in free5GC that stems from a lack of bounds checking when processing PFCP session deletion requests, which could lead to integer underflow and denial of service...
CVE-2025-65562
The free5GC UPF suffers from a lack of bounds checking on the SEID when processing PFCP Session Deletion Requests. An unauthenticated remote attacker can send a request with a very large SEID e.g., 0xFFFFFFFFFFFFFFFF that causes an integer conversion/underflow in LocalNode.DeleteSess /...
CVE-2025-65566
The CVE-2025-65566 affects omec-project UPF pfcpiface:2.1.3-dev. The session report handler dereferences a nil pointer when processing a PFCP Session Report Response that lacks the mandatory Cause Information Element, causing a panic and UPF process termination. An attacker who can send PFCP Sess...
CVE-2025-65561
An issue was discovered in function LocalNode.Sess in free5GC 4.1.0 allowing attackers to cause a denial of service or other unspecified impacts via crafted header Local SEID to the PFCP Session Modification Request...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989085)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989085 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: fix panic when forwarding a pkt with no in6 dev kongweibin reported a kernel panic in...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990039)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990039 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: fix panic when forwarding a pkt with no in6 dev kongweibin reported a kernel panic in...
Juniper Junos OS Vulnerability (JSA103153)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA103153 advisory. - A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX4700 devices allows an unauthenticated, network-based...
EUVD-2022-55155
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix panic when forwarding a pkt with no in6 dev kongweibin reported a kernel panic in ip6forward when input interface has no in6 dev associated. The following tc commands were used to reproduce this panic: tc qdisc del dev...
CVE-2025-59964
A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX4700 devices allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When forwarding-options sampling is enabled, receipt of any traffic destined to the...
EUVD-2025-33397
A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX4700 devices allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When forwarding-options sampling is enabled, receipt of any traffic destined to the...
CVE-2025-59964
A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX4700 devices allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When forwarding-options sampling is enabled, receipt of any traffic destined to the...
CVE-2025-59964
This CVE concerns Juniper Networks Junos OS on SRX4700 devices. A Use of Uninitialized Resource vulnerability in the PFE (Packet Forwarding Engine) can be triggered by forwarding-options sampling, allowing an unauthenticated, network-based attacker to cause a DoS. Specifically, when traffic desti...
CVE-2025-59964 Junos OS: SRX4700: When forwarding-options sampling is enabled any traffic destined to the RE will cause the forwarding line card to crash and restart
A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX4700 devices allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When forwarding-options sampling is enabled, receipt of any traffic destined to the...
EUVD-2019-0813
Malware in sbrugna...
EUVD-1999-0756
Malware in sbrugna...