Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the AMF process. An attacker can cause the service to crash and disrupt network operations by sending a specially crafted NAS Registration Request containing a malformed 5GS Mobile Identity...

CVE-2025-69248

free5GC is an open-source project for 5th generation 5G mobile core networks. Versions up to and including 1.4.1 of free5GC's AMF service have a Buffer Overflow vulnerability leading to Denial of Service. Remote unauthenticated attackers can crash the AMF service by sending a specially crafted NA...

PT-2026-21565

Name of the Vulnerable Software and Affected Versions free5GC versions up to and including 1.4.1 Description free5GC is an open-source project for 5th generation 5G mobile core networks. A buffer overflow exists in the AMF service, potentially leading to a denial of service. Remote, unauthenticat...

CVE-2025-70121

An array index out of bounds vulnerability in the AMF component of free5GC v4.0.1 allows remote attackers to cause a denial of service via a crafted 5GS Mobile Identity in a NAS Registration Request message. The issue occurs in the GetSUCI method NASMobileIdentity5GS.go when accessing index 5 of ...

CVE-2025-70121

An array index out of bounds vulnerability in the AMF component of free5GC v4.0.1 allows remote attackers to cause a denial of service via a crafted 5GS Mobile Identity in a NAS Registration Request message. The issue occurs in the GetSUCI method NASMobileIdentity5GS.go when accessing index 5 of ...

CVE-2025-70121

The CVE describes an array index out of bounds in free5GC v4.0.1’s AMF GetSUCI implementation (NAS_MobileIdentity5GS.go) that can be triggered by a crafted 5GS Mobile Identity in a NAS Registration Request, causing a runtime panic and AMF denial of service. The vulnerability affects the 5G core n...

CVE-2025-70121

An array index out of bounds vulnerability in the AMF component of free5GC v4.0.1 allows remote attackers to cause a denial of service via a crafted 5GS Mobile Identity in a NAS Registration Request message. The issue occurs in the GetSUCI method NASMobileIdentity5GS.go when accessing index 5 of ...

CVE-2025-70121

An array index out of bounds vulnerability in the AMF component of free5GC v4.0.1 allows remote attackers to cause a denial of service via a crafted 5GS Mobile Identity in a NAS Registration Request message. The issue occurs in the GetSUCI method NASMobileIdentity5GS.go when accessing index 5 of ...

EUVD-2015-8605

Malware in sbrugna...

EUVD-2025-30911

Malicious code in bioql PyPI...

CVE-2025-56394

Free5gc 4.0.1 is vulnerable to Buffer Overflow. The AMF incorrectly validates the 5GS mobile identity, resulting in slice reference overflow...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to improper validation of the 5GS mobile identity by the AMF in the Registration Request. An attacker can cause a slice reference overflow by sending specially crafted input data. Remediation Upgrade...

CVE-2025-56394

CVE-2025-56394 affects Free5gc 4.0.1. The AMF’s improper validation of the 5GS mobile identity enables a Buffer Overflow, described as a slice reference overflow. Impact is a high-severity memory corruption issue (CVSS 7.5, Network attack, no user interaction). Exploitation details are not provid...

free5GC 安全漏洞

free5GC is a 5th Generation 5G mobile core network open source project by free5GC Open Source. A security vulnerability exists in free5GC version 4.0.1 that stems from the AMF not properly validating 5GS mobile identity, which could result in a buffer overflow...

PT-2024-12705 · Orbic · Orbic Maui

Name of the Vulnerable Software and Affected Versions: Orbic Maui device version ORB545L V1.4.2 BVZPP Description: A certain software build for the Orbic Maui device leaks the IMEI and the ICCID to system properties that can be accessed by any local app on the device without any permissions or...

SUSE CVE-2015-8728

The Mobile Identity parser in 1 epan/dissectors/packet-ansia.c in the ANSI A dissector and 2 epan/dissectors/packet-gsmacommon.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvbbcddigtowmempacketstr function, which allows remote attackers to...

CVE-2022-36874

Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number...

Wireshark Mobile Identity Parser Denial of Service Vulnerability

Wireshark is the most popular network protocol parser. Wireshark version 2.0.x before 2.0.1 and version 1.12.x before 1.12.9, Mobile Identity within epan/dissectors/packet-ansia.c and epan/dissectors/packet-gsmacommon.c parser in epan/dissectors/packet-ansia.c and...

DEBIAN-CVE-2015-8728

The Mobile Identity parser in 1 epan/dissectors/packet-ansia.c in the ANSI A dissector and 2 epan/dissectors/packet-gsmacommon.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvbbcddigtowmempacketstr function, which allows remote attackers to...

Buffer overflow

The Mobile Identity parser in 1 epan/dissectors/packet-ansia.c in the ANSI A dissector and 2 epan/dissectors/packet-gsmacommon.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvbbcddigtowmempacketstr function, which allows remote attackers to...