121 matches found
CVE-2025-65565
CVE-2025-65565 affects the omec-project UPF pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request missing the mandatory F-SEID Information Element can cause the session establishment handler to call IE.FSEID() on a nil pointer, triggering a panic and terminating the UP...
CVE-2025-65567
A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a specially crafted PFCP Session Establishment Request with a CreatePDR that contains a malformed Flow-Description is not robustly validated. The...
CVE-2025-65567
A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a specially crafted PFCP Session Establishment Request with a CreatePDR that contains a malformed Flow-Description is not robustly validated. The...
CVE-2025-65565
A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association is established, a PFCP Session Establishment Request that is missing the mandatory F-SEID CPF-SEID Information Element is not properly validated. The...
CVE-2025-65568
A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that includes a CreateFAR with an empty or truncated IPv4 address field is not properly validated. During...
UPF 安全漏洞
UPF is an open source user interface from the Aether SD-Core Project. A security vulnerability exists in UPF that originates from an out-of-bounds read while processing a PFCP session establishment request containing an empty or truncated IPv4 address field, which could result in a denial of...
CVE-2025-65559
CVE-2025-65559 – Open5GS vulnerability affecting Open5GS 2.7.5-49-g465e90f. Processing a PFCP Session Establishment Request (type=50) can trigger a reachable assertion in lib/pfcp/context.c (ogs_pfcp_object_teid_hash_set) when CreatePDR?PDI?F-TEID has CH=1 and the F-TEID address-family flags (IPv...
CVE-2025-65568
The CVE-2025-65568 issue affects the omec-project UPF pfcpiface (upf-epc-pfcpiface:2.1.3-dev). During a PFCP Session Establishment Request, a CreateFAR with an empty or truncated IPv4 address triggers an out-of-bounds read in parseFAR() via ip2int(), causing an index-out-of-range panic and a deni...
EUVD-2012-3292
Malware in sbrugna...
EUVD-2024-31887
Malicious code in bioql PyPI...
EUVD-2023-35451
Malicious code in bioql PyPI...
EUVD-2021-28802
Malicious code in bioql PyPI...
CVE-2025-20225
A vulnerability in the Internet Key Exchange Version 2 IKEv2 feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance ASA Software, and Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a memory leak, resultin...
CVE-2025-29646
An issue in upf in open5gs 2.7.2 and earlier allows a remote attacker to cause a Denial of Service via a crafted PFCP SessionEstablishmentRequest packet with restoration indication = true and teid = 0 or teid = ogspfcppdrteidpool.size...
CVE-2022-39063
When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the fteidlen from incoming message, and then uses it to copy data from incoming message to struct fteid without...
CVE-2021-41794
ogsfqdnparse in Open5GS 1.0.0 through 2.3.3 inappropriately trusts a client-supplied length value, leading to a buffer overflow. The attacker can send a PFCP Session Establishment Request with "internet" as the PDI Network Instance. The first character is interpreted as a length value to be used ...
CVE-2024-51179
An issue in Open 5GS v.2.7.1 allows a remote attacker to cause a denial of service via the Network Function Virtualizations NFVs such as the User Plane Function UPF and the Session Management Function SMF, The Packet Data Unit PDU session establishment process...
CVE-2024-51179
An issue in Open 5GS v.2.7.1 allows a remote attacker to cause a denial of service via the Network Function Virtualizations NFVs such as the User Plane Function UPF and the Session Management Function SMF, The Packet Data Unit PDU session establishment process...
CVE-2024-51179
An issue in Open 5GS v.2.7.1 allows a remote attacker to cause a denial of service via the Network Function Virtualizations NFVs such as the User Plane Function UPF and the Session Management Function SMF, The Packet Data Unit PDU session establishment process...
CVE-2024-51179
An issue in Open 5GS v.2.7.1 allows a remote attacker to cause a denial of service via the Network Function Virtualizations NFVs such as the User Plane Function UPF and the Session Management Function SMF, The Packet Data Unit PDU session establishment process...