13 matches found
CVE-2026-25658
CVE-2026-25658 affects Ericsson Packet Core Gateway (PCG) versions prior to 1.30. The issue is an Improper Handling of Missing Values (CWE-230) where a client can send specially crafted messages to cause service degradation. The impact persists while the attack continues, with crashes recovering ...
CVE-2026-2062 Open5GS PGW S5U Address sgwc_sxa_handle_session_modification_response null pointer dereference
A vulnerability was identified in Open5GS up to 2.7.6. This affects the function sgwcs5chandlemodifybearerresponse/sgwcsxahandlesessionmodificationresponse of the component PGW S5U Address Handler. The manipulation leads to null pointer dereference. The attack can be initiated remotely. The explo...
Open5GS 代码问题漏洞
Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for Lte/Nr networks. Versions of Open5GS 2.7.6 and earlier contain code vulnerabilities due to a null pointer dereferencing issue in the PGW S5U address handling program...
EUVD-2022-50292
Malicious code in bioql PyPI...
CVE-2022-47531
An issue was discovered in Ericsson Evolved Packet Gateway EPG versions 3.x before 3.25 and 2.x before 2.16, allows authenticated users to bypass system CLI and execute commands they are authorized to execute directly in the UNIX shell...
CVE-2022-47531
An issue was discovered in Ericsson Evolved Packet Gateway EPG versions 3.x before 3.25 and 2.x before 2.16, allows authenticated users to bypass system CLI and execute commands they are authorized to execute directly in the UNIX shell...
CVE-2022-47531
Ericsson EPG (Ericsson Evolved Packet Gateway) is vulnerable to a CLI access control bypass that lets authenticated users run commands in the UNIX shell. Affected versions are 2.x before 2.16 and 3.x before 3.25. The issue arises from insufficient access controls on the CLI, enabling command exec...
CVE-2023-20051
A vulnerability in the Vector Packet Processor VPP of Cisco Packet Data Network Gateway PGW could allow an unauthenticated, remote attacker to stop ICMP traffic from being processed over an IPsec connection. This vulnerability is due to the VPP improperly handling a malformed packet. An attacker...
CVE-2023-20051
A vulnerability in the Vector Packet Processor VPP of Cisco Packet Data Network Gateway PGW could allow an unauthenticated, remote attacker to stop ICMP traffic from being processed over an IPsec connection. This vulnerability is due to the VPP improperly handling a malformed packet. An attacker...
Cisco Packet Data Network Gateway 安全漏洞
Cisco Packet Data Network Gateway is a key network function of Cisco's 4G mobile core network.PGW serves as an interface between the LTE network and other packet data networks. A security vulnerability exists in the Cisco Packet Data Network Gateway that arises from the Vector Packet Processor no...
PT-2022-7169 · Ericsson · Ericsson Evolved Packet Gateway
Name of the Vulnerable Software and Affected Versions: Ericsson Evolved Packet Gateway EPG versions 2.x before 2.16 Ericsson Evolved Packet Gateway EPG versions 3.x before 3.25 Description: The issue is related to the command-line interface CLI of the Ericsson Evolved Packet Gateway EPG and is...
Ericsson Evolved Packet Gateway 安全漏洞
Ericsson Evolved Packet Gateway is a multifunctional gateway for mobile communications from Ericsson, Sweden. A security vulnerability exists in Ericsson Evolved Packet Gateway that stems from a lack of input validation. The vulnerability can be exploited to bypass the system CLI and execute...
Qualcomm Data Modem Input Validation Error Vulnerability
Qualcomm Data Modem is a data modem from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Data Modem that stems from a failure to check input validation of certain parameters received from the ePDG server, which could result in a buffer overflow...