Lucene search
K

121 matches found

CVE
CVE
added 2025/12/18 12:0 a.m.16 views

CVE-2025-65565

CVE-2025-65565 affects the omec-project UPF pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request missing the mandatory F-SEID Information Element can cause the session establishment handler to call IE.FSEID() on a nil pointer, triggering a panic and terminating the UP...

7.5CVSS6.4AI score0.00347EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/18 12:0 a.m.2 views

CVE-2025-65567

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a specially crafted PFCP Session Establishment Request with a CreatePDR that contains a malformed Flow-Description is not robustly validated. The...

6.6AI score0.00347EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/12/18 12:0 a.m.24 views

CVE-2025-65567

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a specially crafted PFCP Session Establishment Request with a CreatePDR that contains a malformed Flow-Description is not robustly validated. The...

0.00347EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/12/18 12:0 a.m.18 views

CVE-2025-65565

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association is established, a PFCP Session Establishment Request that is missing the mandatory F-SEID CPF-SEID Information Element is not properly validated. The...

0.00347EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/12/18 12:0 a.m.26 views

CVE-2025-65568

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that includes a CreateFAR with an empty or truncated IPv4 address field is not properly validated. During...

0.00347EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.4 views

UPF 安全漏洞

UPF is an open source user interface from the Aether SD-Core Project. A security vulnerability exists in UPF that originates from an out-of-bounds read while processing a PFCP session establishment request containing an empty or truncated IPv4 address field, which could result in a denial of...

7.5CVSS6.5AI score0.00347EPSS
Exploits1References4
CVE
CVE
added 2025/12/18 12:0 a.m.10 views

CVE-2025-65559

CVE-2025-65559 – Open5GS vulnerability affecting Open5GS 2.7.5-49-g465e90f. Processing a PFCP Session Establishment Request (type=50) can trigger a reachable assertion in lib/pfcp/context.c (ogs_pfcp_object_teid_hash_set) when CreatePDR?PDI?F-TEID has CH=1 and the F-TEID address-family flags (IPv...

7.5CVSS6.6AI score0.00359EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2025/12/18 12:0 a.m.19 views

CVE-2025-65568

The CVE-2025-65568 issue affects the omec-project UPF pfcpiface (upf-epc-pfcpiface:2.1.3-dev). During a PFCP Session Establishment Request, a CreateFAR with an empty or truncated IPv4 address triggers an out-of-bounds read in parseFAR() via ip2int(), causing an index-out-of-range panic and a deni...

7.5CVSS6.7AI score0.00347EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-3292

Malware in sbrugna...

5.8CVSS6.4AI score0.00836EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-31887

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00152EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-35451

Malicious code in bioql PyPI...

9CVSS8.6AI score0.00943EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-28802

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01183EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/08/14 4:28 p.m.10 views

CVE-2025-20225

A vulnerability in the Internet Key Exchange Version 2 IKEv2 feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance ASA Software, and Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a memory leak, resultin...

5.8CVSS0.0063EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/18 12:0 a.m.3 views

CVE-2025-29646

An issue in upf in open5gs 2.7.2 and earlier allows a remote attacker to cause a Denial of Service via a crafted PFCP SessionEstablishmentRequest packet with restoration indication = true and teid = 0 or teid = ogspfcppdrteidpool.size...

6.8AI score0.0029EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:11 p.m.3 views

CVE-2022-39063

When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the fteidlen from incoming message, and then uses it to copy data from incoming message to struct fteid without...

7.5CVSS6.9AI score0.01079EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:21 p.m.7 views

CVE-2021-41794

ogsfqdnparse in Open5GS 1.0.0 through 2.3.3 inappropriately trusts a client-supplied length value, leading to a buffer overflow. The attacker can send a PFCP Session Establishment Request with "internet" as the PDI Network Instance. The first character is interpreted as a length value to be used ...

7.5CVSS7.1AI score0.01183EPSS
Exploits1
NVD
NVD
added 2024/11/12 10:15 p.m.34 views

CVE-2024-51179

An issue in Open 5GS v.2.7.1 allows a remote attacker to cause a denial of service via the Network Function Virtualizations NFVs such as the User Plane Function UPF and the Session Management Function SMF, The Packet Data Unit PDU session establishment process...

7.5CVSS0.01028EPSS
Exploits1References1
OSV
OSV
added 2024/11/12 10:15 p.m.3 views

CVE-2024-51179

An issue in Open 5GS v.2.7.1 allows a remote attacker to cause a denial of service via the Network Function Virtualizations NFVs such as the User Plane Function UPF and the Session Management Function SMF, The Packet Data Unit PDU session establishment process...

7.5CVSS6.8AI score0.01028EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/11/12 12:0 a.m.23 views

CVE-2024-51179

An issue in Open 5GS v.2.7.1 allows a remote attacker to cause a denial of service via the Network Function Virtualizations NFVs such as the User Plane Function UPF and the Session Management Function SMF, The Packet Data Unit PDU session establishment process...

0.01028EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/11/12 12:0 a.m.10 views

CVE-2024-51179

An issue in Open 5GS v.2.7.1 allows a remote attacker to cause a denial of service via the Network Function Virtualizations NFVs such as the User Plane Function UPF and the Session Management Function SMF, The Packet Data Unit PDU session establishment process...

6.9AI score0.01028EPSS
Exploits1References1
Rows per page
Query Builder