Lucene search
K

719 matches found

CNNVD
CNNVD
added 2025/12/18 12:0 a.m.3 views

UPF 安全漏洞

UPF is an open source user interface from the Aether SD-Core Project. A security vulnerability exists in UPF upf-epc-pfcpiface:version 2.1.3-dev, which originates from dereferencing a null pointer when processing a PFCP session report response that lacks a cause information element, which could...

7.5CVSS6.3AI score0.00285EPSS
Exploits1References2
CVE
CVE
added 2025/12/18 12:0 a.m.13 views

CVE-2025-65564

The CVE-2025-65564 issue affects omec-upf (upf-epc-pfcpiface) 2.1.3-dev. The PFCP Association Setup Request, if missing the mandatory Recovery Time Stamp Information Element, triggers a nil-pointer dereference in the association setup handler and causes a panic, terminating the UPF process and po...

7.5CVSS6.4AI score0.0036EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/18 12:0 a.m.2 views

CVE-2025-65567

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a specially crafted PFCP Session Establishment Request with a CreatePDR that contains a malformed Flow-Description is not robustly validated. The...

6.6AI score0.00347EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/12/18 12:0 a.m.22 views

CVE-2025-65562

The free5GC UPF suffers from a lack of bounds checking on the SEID when processing PFCP Session Deletion Requests. An unauthenticated remote attacker can send a request with a very large SEID e.g., 0xFFFFFFFFFFFFFFFF that causes an integer conversion/underflow in LocalNode.DeleteSess /...

0.0049EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/12/18 12:0 a.m.22 views

CVE-2025-65566

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Session Report Response that is missing the mandatory Cause Information Element, the session report handler dereferences a nil pointer instead ...

0.00285EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.3 views

free5GC 安全漏洞

free5GC is a 5th Generation 5G mobile core network open source project by free5GC Open Source. A security vulnerability exists in free5GC that stems from a lack of bounds checking when processing PFCP session deletion requests, which could lead to integer underflow and denial of service...

7.5CVSS6.5AI score0.0049EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/12/18 12:0 a.m.3 views

CVE-2025-65562

The free5GC UPF suffers from a lack of bounds checking on the SEID when processing PFCP Session Deletion Requests. An unauthenticated remote attacker can send a request with a very large SEID e.g., 0xFFFFFFFFFFFFFFFF that causes an integer conversion/underflow in LocalNode.DeleteSess /...

6.8AI score0.0049EPSS
Exploits1References1
CVE
CVE
added 2025/12/18 12:0 a.m.17 views

CVE-2025-65566

The CVE-2025-65566 affects omec-project UPF pfcpiface:2.1.3-dev. The session report handler dereferences a nil pointer when processing a PFCP Session Report Response that lacks the mandatory Cause Information Element, causing a panic and UPF process termination. An attacker who can send PFCP Sess...

7.5CVSS6.3AI score0.00285EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/12/18 12:0 a.m.8 views

CVE-2025-65561

An issue was discovered in function LocalNode.Sess in free5GC 4.1.0 allowing attackers to cause a denial of service or other unspecified impacts via crafted header Local SEID to the PFCP Session Modification Request...

7.5CVSS6.8AI score0.00369EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.6 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989085)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989085 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: fix panic when forwarding a pkt with no in6 dev kongweibin reported a kernel panic in...

5.5CVSS5.2AI score0.00253EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990039)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990039 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: fix panic when forwarding a pkt with no in6 dev kongweibin reported a kernel panic in...

5.5CVSS5.2AI score0.00253EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/24 12:0 a.m.3 views

Juniper Junos OS Vulnerability (JSA103153)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA103153 advisory. - A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX4700 devices allows an unauthenticated, network-based...

8.7CVSS5.6AI score0.00331EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/14 9:30 p.m.7 views

EUVD-2022-55155

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix panic when forwarding a pkt with no in6 dev kongweibin reported a kernel panic in ip6forward when input interface has no in6 dev associated. The following tc commands were used to reproduce this panic: tc qdisc del dev...

5.5CVSS5AI score0.00253EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/10/10 4:20 p.m.5 views

CVE-2025-59964

A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX4700 devices allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When forwarding-options sampling is enabled, receipt of any traffic destined to the...

8.7CVSS6.8AI score0.00331EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/09 6:30 p.m.7 views

EUVD-2025-33397

A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX4700 devices allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When forwarding-options sampling is enabled, receipt of any traffic destined to the...

8.7CVSS6.4AI score0.00331EPSS
Exploits0References3
NVD
NVD
added 2025/10/09 4:15 p.m.5 views

CVE-2025-59964

A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX4700 devices allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When forwarding-options sampling is enabled, receipt of any traffic destined to the...

8.7CVSS0.00331EPSS
Exploits0References2
CVE
CVE
added 2025/10/09 3:46 p.m.15 views

CVE-2025-59964

This CVE concerns Juniper Networks Junos OS on SRX4700 devices. A Use of Uninitialized Resource vulnerability in the PFE (Packet Forwarding Engine) can be triggered by forwarding-options sampling, allowing an unauthenticated, network-based attacker to cause a DoS. Specifically, when traffic desti...

8.7CVSS6.5AI score0.00331EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/09 3:46 p.m.5 views

CVE-2025-59964 Junos OS: SRX4700: When forwarding-options sampling is enabled any traffic destined to the RE will cause the forwarding line card to crash and restart

A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX4700 devices allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When forwarding-options sampling is enabled, receipt of any traffic destined to the...

8.7CVSS6.5AI score0.00331EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-0813

Malware in sbrugna...

9.8CVSS9.5AI score0.05263EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-1999-0756

Malware in sbrugna...

10CVSS6.4AI score0.03129EPSS
Exploits0References2
Rows per page
Query Builder