152 matches found
CVE-2025-22891
When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an increase in memory resource utilization. Note: Software versions which have reached End of Technica...
CVE-2025-22891
When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an increase in memory resource utilization. Note: Software versions which have reached End of Technica...
CVE-2025-22891
When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an increase in memory resource utilization. Note: Software versions which have reached End of Technica...
CVE-2025-22891
CVE-2025-22891 affects BIG-IP PEM: when the PEM Control Plane Listener virtual server is configured with a Diameter Endpoint profile, undisclosed traffic can cause the virtual server to stop processing new client connections and increase memory usage, potentially disrupting traffic. Remediation i...
CVE-2025-22891 BIG-IP PEM Vulnerability
When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an increase in memory resource utilization. Note: Software versions which have reached End of Technica...
CVE-2025-22891 BIG-IP PEM Vulnerability
When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an increase in memory resource utilization. Note: Software versions which have reached End of Technica...
F5 BIG-IP PEM 安全漏洞
F5 BIG-IP PEM is a policy enforcer used in BIG-IP from F5 USA. A security vulnerability exists in the F5 BIG-IP PEM due to a Diameter Endpoint profile that can be exploited by an attacker to cause the virtual server to stop processing new client connections and cause an increase in memory resourc...
PT-2025-5733 · F5 · Big-Ip Pem
Name of the Vulnerable Software and Affected Versions: BIG-IP PEM affected versions not specified Description: When the BIG-IP PEM Control Plane listener Virtual Server is configured with a Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client...
Maybe the Phone System Surveillance Vulnerabilities Will Be Fixed
It seems that the FCC might be fixing the vulnerabilities in SS7 and the Diameter protocol: On March 27 the commission asked telecommunications providers to weigh in and detail what they are doing to prevent SS7 and Diameter vulnerabilities from being misused to track consumers locations. The FCC...
Vulnerabilities fixed in Oracle Communications
Vulnerabilities have been fixed in Oracle Communications products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code executio...
Vulnerabilities fixed in Oracle Communications
Vulnerabilities have been fixed in Oracle Communications. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Remote code execution User rights Access to system data...
K01837042: Multiple Wireshark (tshark) vulnerabilities
Security Advisory Description CVE-2015-8711 epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash v...
K82530456: BIG-IP Diameter vulnerability CVE-2020-5942
Security Advisory Description When processing Capabilities-Exchange-Answer CEA packets with certain attributes from the Policy and Charging Rules Function PCRF server, the Traffic Management Microkernel TMM may generate a core file and restart. CVE-2020-5942 Impact This vulnerability affects only...
K55812535: BIG-IP MRF Diameter vulnerability CVE-2019-6686
Security Advisory Description The Traffic Management Microkernel TMM might stop responding after the total number of diameter connections and pending messages on a single virtual server has reached 32K. CVE-2019-6686 Impact BIG-IP This vulnerability affects only virtual servers associated with th...
K54130510: TMM DIAMETER vulnerability CVE-2018-5522
Security Advisory Description When processing DIAMETER transactions with carefully crafted attribute-value pairs, TMM may restart. CVE-2018-5522 Impact This vulnerability allows for a remote unauthorized disruption of service by way of an unspecified DIAMETER packet. Security Advisory Status F5...
SUSE CVE-2007-2028
Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service memory consumption via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUEPAIR...
SUSE CVE-2011-1958
Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted Diameter dictionary file...
SUSE CVE-2012-2393
epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service application crash via a crafted packet that triggers incorrect...
SUSE CVE-2015-8725
The dissectdiameterbaseframedipv6prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service stack-based buffer overflow...
K82793463: BIG-IP MRF Diameter vulnerability CVE-2022-23019
Security Advisory Description When a message routing type virtual server is configured with both Diameter Session and Router Profiles, undisclosed traffic can cause an increase in memory resource utilization. CVE-2022-23019 Impact System performance can degrade until the process is either forced ...