EUVD-2026-33945

SIP signaling stack in Verizon IMS unspecified version implements SIP signaling without IPsec integrity protection missing Security-Client/Security-Server headers and ESP traffic, which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via...

CVE-2026-10629 CVE-2026-10629

SIP signaling stack in Verizon IMS unspecified version implements SIP signaling without IPsec integrity protection missing Security-Client/Security-Server headers and ESP traffic, which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via...

PT-2026-45769

SIP signaling stack in Verizon IMS unspecified version implements SIP signaling without IPsec integrity protection missing Security-Client/Security-Server headers and ESP traffic, which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via...

Missing IPsec Integrity Protection for IMS SIP Signaling in Verizon VoLTE Deployments

Overview VoLTE deployments on Verizon’s IMS network have operated without negotiated SIP integrity protection. In observed test conditions, SIP signaling—including registration, call setup, and messaging—traveled without IPsec ESP encapsulation and without SIP Security Agreement headers, exposing...

CVE-2025-15555

A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function hssogsdiamcxmarcb of the file src/hss/hss-cx-path.c of the component VoLTE Cx-Test. The manipulation of the argument OGSKEYLEN results in stack-based buffer overflow. The attack may be...

EUVD-2025-206778

A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function hssogsdiamcxmarcb of the file src/hss/hss-cx-path.c of the component VoLTE Cx-Test. The manipulation of the argument OGSKEYLEN results in stack-based buffer overflow. The attack may be...

CVE-2025-15555 Open5GS VoLTE Cx-Test hss-cx-path.c hss_ogs_diam_cx_mar_cb stack-based overflow

A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function hssogsdiamcxmarcb of the file src/hss/hss-cx-path.c of the component VoLTE Cx-Test. The manipulation of the argument OGSKEYLEN results in stack-based buffer overflow. The attack may be...

CVE-2025-15555

Open5GS up to 2.7.6 contains a stack-based buffer overflow in hss_ogs_diam_cx_mar_cb (src/hss/hss-cx-path.c) within the VoLTE Cx-Test component. The vulnerability is triggered by manipulation of the OGS_KEY_LEN argument and can be exploited remotely. A patch identified as 54dda041211098730221d0ae...

PT-2026-5891

Name of the Vulnerable Software and Affected Versions Open5GS versions through 2.7.6 Description A security flaw exists in Open5GS. The issue involves a stack-based buffer overflow in the hss ogs diam cx mar cb function within the src/hss/hss-cx-path.c file, part of the VoLTE Cx-Test component. T...

EUVD-2016-1592

Malware in sbrugna...

EUVD-2021-25992

Malware in sbrugna...

EUVD-2019-2397

Malware in sbrugna...

EUVD-2023-26548

Malicious code in bioql PyPI...

EUVD-2024-54631

Malicious code in bioql PyPI...

EUVD-2023-53633

Malicious code in bioql PyPI...

EUVD-2023-28838

Malicious code in bioql PyPI...

EUVD-2023-37214

Malicious code in bioql PyPI...

CVE-2024-53026

Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call...

CVE-2024-53026

Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call...

CVE-2024-53026 Buffer Over-read in Data Network Stack & Connectivity

Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call...