CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

66 matches found

EUVD•added 2026/06/02 2:35 p.m.•10 views

EUVD-2026-33945

SIP signaling stack in Verizon IMS unspecified version implements SIP signaling without IPsec integrity protection missing Security-Client/Security-Server headers and ESP traffic, which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via...

9.1CVSS5.7AI score0.00174EPSS

Exploits0References1

Vulnrichment•added 2026/06/02 2:35 p.m.•9 views

CVE-2026-10629 CVE-2026-10629

5.7AI score0.00174EPSS

Exploits0References1

CNNVD•added 2026/06/02 12:0 a.m.•6 views

Verizon VoLTE 安全漏洞

Verizon VoLTE is a high-definition voice communication service provided by Verizon based on 4G LTE networks. There is a security vulnerability in Verizon VoLTE, which stems from the fact that SIP signaling does not use IPsec integrity protection. This vulnerability may allow attackers to compromi...

7.4CVSS5.3AI score0.00174EPSS

Exploits0References3

Positive Technologies•added 2026/06/02 12:0 a.m.•16 views

PT-2026-45769

Name of the Vulnerable Software and Affected Versions Verizon IMS affected versions not specified Description The SIP signaling stack implements SIP signaling without IPsec integrity protection, specifically lacking Security-Client/Security-Server headers and ESP traffic. This allows an on-path...

7.4CVSS5.4AI score0.00174EPSS

Exploits0References4

CERT•added 2026/06/02 12:0 a.m.•11 views

Missing IPsec Integrity Protection for IMS SIP Signaling in Verizon VoLTE Deployments

Overview VoLTE deployments on Verizon’s IMS network have operated without negotiated SIP integrity protection. In observed test conditions, SIP signaling—including registration, call setup, and messaging—traveled without IPsec ESP encapsulation and without SIP Security Agreement headers, exposing...

7.4CVSS5.7AI score0.00174EPSS

Exploits0References4

OSV•added 2026/02/04 9:15 p.m.•4 views

CVE-2025-15555

A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function hssogsdiamcxmarcb of the file src/hss/hss-cx-path.c of the component VoLTE Cx-Test. The manipulation of the argument OGSKEYLEN results in stack-based buffer overflow. The attack may be...

8.2CVSS5.9AI score

Exploits0References7

Cvelist•added 2026/02/04 8:32 p.m.•27 views

CVE-2025-15555 Open5GS VoLTE Cx-Test hss-cx-path.c hss_ogs_diam_cx_mar_cb stack-based overflow

7.5CVSS0.00518EPSS

Exploits1References7

CVE•added 2026/02/04 8:32 p.m.•11 views

CVE-2025-15555

Open5GS up to 2.7.6 contains a stack-based buffer overflow in hss_ogs_diam_cx_mar_cb (src/hss/hss-cx-path.c) within the VoLTE Cx-Test component. The vulnerability is triggered by manipulation of the OGS_KEY_LEN argument and can be exploited remotely. A patch identified as 54dda041211098730221d0ae...

8.2CVSS7.9AI score0.00518EPSS

Exploits1References7Affected Software1

EUVD•added 2026/02/04 8:32 p.m.•5 views

EUVD-2025-206778

7.5CVSS5.9AI score0.00518EPSS

Exploits1References7

Positive Technologies•added 2026/02/04 12:0 a.m.•6 views

PT-2026-5891

Name of the Vulnerable Software and Affected Versions Open5GS versions through 2.7.6 Description A security flaw exists in Open5GS. The issue involves a stack-based buffer overflow in the hss ogs diam cx mar cb function within the src/hss/hss-cx-path.c file, part of the VoLTE Cx-Test component. T...

7.5CVSS6AI score0.00518EPSS

Exploits1References10

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2016-1592

Malware in sbrugna...

10CVSS9.5AI score0.01354EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2019-2397

Malware in sbrugna...

10CVSS9.2AI score0.00902EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2021-25992

Malware in sbrugna...

9.4CVSS9AI score0.00493EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-28838