NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the process handling NAS Authentication Response and Authentication Failure messages with missing IEs. An attacker can cause a crash of the service by sending specially crafted NAS messages without required...

CVE-2026-32319 Ella Core: Unauthenticated AMF DoS via malformed InitialUEMessage with undersized integrity-protected NAS payload

Ella Core is a 5G core designed for private networks. Prior to 1.5.1, Ella Core panics when processing a malformed integrity protected NGAP/NAS message with a length under 7 bytes. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all...

CVE-2025-65805

OpenAirInterface CN5G AMF=v2.1.9 has a buffer overflow vulnerability in processing NAS messages. Unauthorized remote attackers can launch a denial-of-service attack and potentially execute malicious code by accessing port N1 and sending an imsi string longer than 1000 to AMF...

EUVD-2020-24941

Malware in sbrugna...

EUVD-2024-52718

Malicious code in bioql PyPI...

EUVD-2024-52719

Malicious code in bioql PyPI...

Exploit for Classic Buffer Overflow in Free5Gc

CVE-2025-29632 the information for the vulnerability covered b...

CVE-2024-54984

An issue in Quectel BG96 BG96MAR02A08M1G allows attackers to bypass authentication via a crafted NAS message. NOTE: this is disputed by the supplier...

CVE-2024-54983

An issue in Quectel BC95-CNV V100R001C00SPC051 allows attackers to bypass authentication via a crafted NAS message...

CVE-2022-20210

The UE and the EMM communicate with each other using NAS messages. When a new NAS message arrives from the EMM, the modem parses it and fills in internal objects based on the received data. A bug in the parsing code could be used by an attacker to remotely crash the modem, which could lead to DoS...

CVE-2024-54984

An issue in Quectel BG96 BG96MAR02A08M1G allows attackers to bypass authentication via a crafted NAS message. NOTE: this is disputed by the supplier...

CVE-2024-54983

An issue in Quectel BC95-CNV V100R001C00SPC051 allows attackers to bypass authentication via a crafted NAS message...

CVE-2024-54983

The CVE-2024-54983 entry affects Quectel BC95-CNV V100R001C00SPC051, where a crafted NAS message can bypass authentication. Documents consistently describe an authentication bypass in this specific firmware version. The core issue is a failure in validating NAS messages, enabling potential unauth...

CVE-2024-54982

An issue in Quectel BC25 with firmware version BC25PAR01A06 allows attackers to bypass authentication via a crafted NAS message. NOTE: Quectel disputes this because the issue is in the chipset supply chain and is not localized to one or more Quectel products...

CVE-2024-54984

An issue in Quectel BG96 BG96MAR02A08M1G allows attackers to bypass authentication via a crafted NAS message. NOTE: this is disputed by the supplier...

CVE-2024-54983

An issue in Quectel BC95-CNV V100R001C00SPC051 allows attackers to bypass authentication via a crafted NAS message...

CVE-2024-54982

The CVE-2024-54982 issue affects Quectel BC25 firmware version BC25PAR01A06, where authentication can be bypassed via a crafted NAS message. Root cause details in the connected PT-2024-36457 disclosure describe a NAS-based authentication bypass affecting BC25PAR01A06; no other product versions ar...

CVE-2024-54984

The CVE-2024-54984 entry concerns Quectel BG96 (BG96MAR02A08M1G). Description: an issue in the BG96 firmware allows authentication to be bypassed by a crafted NAS message, with the supplier disputing the flaw. Root cause: authentication bypass arises from NAS message handling within BG96. Impact ...

CVE-2024-54982

An issue in Quectel BC25 with firmware version BC25PAR01A06 allows attackers to bypass authentication via a crafted NAS message. NOTE: Quectel disputes this because the issue is in the chipset supply chain and is not localized to one or more Quectel products...

CVE-2024-34476

Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS messages from a UE: ogsnasencrypt in lib/nas/common/security.c for pkbuf-len...