31 matches found
EUVD-2024-21876
Malicious code in bioql PyPI...
EUVD-2024-21873
Malicious code in bioql PyPI...
EUVD-2024-21872
Malicious code in bioql PyPI...
EUVD-2024-21875
Malicious code in bioql PyPI...
EUVD-2024-21871
Malicious code in bioql PyPI...
CVE-2024-24454
An invalid memory access when handling the ProtocolIEID field of E-RAB Modify Request messages in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service DoS to the cellular network by repeatedly initiating connections and sending a crafted payload...
CVE-2024-24452
An invalid memory access when handling the ProtocolIEID field of E-RAB Release Indication messages in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service DoS to the cellular network by repeatedly initiating connections and sending a crafted payload...
CVE-2024-24453
An invalid memory access when handling the ProtocolIEID field of E-RAB NotToBeModifiedBearerModInd information element in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service DoS to the cellular network by repeatedly initiating connections and sending a crafted payload...
CVE-2024-24456
CVE-2024-24456 affects Hewlett Packard Enterprise Athonet Mobile Core via the Athonet MME. An E-RAB Release Command containing a malformed NAS PDU can cause the MME to crash, potentially due to a buffer overflow. This is triggered over the network and impacts availability; no explicit remediation...
Open5GS has an unspecified vulnerability (CNVD-2025-03161)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a security vulnerability that can be exploited by an attacker to send an "E-RAB Setup Response" message that lacks the required mmeues1apid' field to...
Open5GS has an unspecified vulnerability
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.6.4 and earlier versions, which can be exploited by an attacker to send an "E-rab modification instruction" message th...
CVE-2023-37003
Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an E-RAB Setup Response message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...
CVE-2023-37002
Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an E-RAB Modification Indication message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...
PT-2025-1394 · Open5Gs · Open5Gs Mme
Name of the Vulnerable Software and Affected Versions: Open5GS MME versions prior to 2.6.4 Description: The issue allows an attacker to send a malformed ASN.1 packet over the S1AP interface, triggering an assertion that can cause the MME to crash, resulting in denial of service. This can be...
PT-2025-1418 · Magma · Magma
Name of the Vulnerable Software and Affected Versions: Magma versions 1.8.0 and earlier Description: A Null pointer dereference issue in the Mobile Management Entity MME allows network-adjacent attackers to crash the MME via an S1AP "E-RAB Release Response" packet missing an expected MME UE S1AP ...
PT-2025-1419 · Magma · Magma
Name of the Vulnerable Software and Affected Versions: Magma versions 1.8.0 and earlier Description: The issue allows network-adjacent attackers to crash the Mobile Management Entity MME via an S1AP "E-RAB Modification Indication" packet missing an expected eNB UE S1AP ID field. This is a null...
CVE-2023-37026
A Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP E-RAB Release Response packet missing an expected MMEUES1APID field...
CVE-2024-24452
An invalid memory access when handling the ProtocolIEID field of E-RAB Release Indication messages in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service DoS to the cellular network by repeatedly initiating connections and sending a crafted payload...
CVE-2024-24453
An invalid memory access when handling the ProtocolIEID field of E-RAB NotToBeModifiedBearerModInd information element in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service DoS to the cellular network by repeatedly initiating connections and sending a crafted payload...
CVE-2024-24457
An invalid memory access when handling the ProtocolIEID field of E-RAB Setup List Context SURes messages in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service DoS to the cellular network by repeatedly initiating connections and sending a crafted payload...