Lucene search
K

53 matches found

Packet Storm News
Packet Storm News
added 2026/02/20 12:0 a.m.6 views

Influence of Autoencoder Latent Space on Classifying IoT CoAP Attacks

The Internet of Things IoT presents a unique cybersecurity challenge due to its vast network of interconnected, resource-constrained devices. These vulnerabilities not only threaten data integrity but also the overall functionality of IoT systems. This study addresses these challenges by explorin...

6AI score
Exploits0
OSV
OSV
added 2025/12/10 10:16 p.m.4 views

CVE-2025-65291

Aqara Hub devices including Hub M2 4.3.60027, Hub M3 4.3.60025, Camera Hub G3 4.1.90027 fail to validate server certificates in TLS connections for discovery services and CoAP gateway communications, enabling man-in-the-middle attacks on device control and monitoring...

7.4CVSS5.8AI score0.00157EPSS
Exploits1References1
NVD
NVD
added 2025/12/10 10:16 p.m.4 views

CVE-2025-65291

Aqara Hub devices including Hub M2 4.3.60027, Hub M3 4.3.60025, Camera Hub G3 4.1.90027 fail to validate server certificates in TLS connections for discovery services and CoAP gateway communications, enabling man-in-the-middle attacks on device control and monitoring...

7.4CVSS0.00157EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/12/10 12:0 a.m.20 views

CVE-2025-65291

Aqara Hub devices including Hub M2 4.3.60027, Hub M3 4.3.60025, Camera Hub G3 4.1.90027 fail to validate server certificates in TLS connections for discovery services and CoAP gateway communications, enabling man-in-the-middle attacks on device control and monitoring...

0.00157EPSS
Exploits1References1
Snyk
Snyk
added 2025/11/24 2:40 p.m.4 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the coapdtlsinfocallback function when a DTLS handshake occurs and SSLgetappdata returns NULL. An attacker can cause the application to crash by initiating a specially crafted DTLS handshake. Remediation...

7.1CVSS5.7AI score0.00226EPSS
Exploits0References2
OSV
OSV
added 2025/11/24 2:15 p.m.3 views

DEBIAN-CVE-2025-65496

NULL pointer dereference in coapdtlsgeneratecookie in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetSSLCTX to return NULL...

4.3CVSS5.3AI score0.00226EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/24 12:0 a.m.7 views

PT-2025-47912

NULL pointer dereference in coap dtls generate cookie in src/coap openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL get SSL CTX to return NULL...

6.7AI score0.00226EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/24 12:0 a.m.9 views

PT-2025-47914

NULL pointer dereference in coap dtls generate cookie in src/coap openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL get SSL CTX to return NULL...

6.7AI score0.00226EPSS
Exploits0References3
CVE
CVE
added 2025/11/24 12:0 a.m.16 views

CVE-2025-65498

CVE-2025-65498 affects libcoap (core library) with a NULL pointer dereference in coap_dtls_generate_cookie() (src/coap_openssl.c) of libcoap 4.3.5, allowing remote attackers to cause a denial of service during a crafted DTLS handshake when SSL_get_SSL_CTX() returns NULL. Public references list li...

4.3CVSS6.3AI score0.00226EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-24861

Malicious code in bioql PyPI...

9.8CVSS6.3AI score0.00415EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/10/22 12:0 a.m.3 views

FreeCoAP 缓冲区错误漏洞

FreeCoAP is a C implementation of the CoAP server, client, and HTTP/CoAP proxy by Keith Cullen, a personal developer. A security vulnerability exists in FreeCoAP version 0.7, which originates in the serverhandleregular function of the testcoapserver.c file and can lead to a denial of service...

8.2CVSS6.7AI score0.00532EPSS
Exploits1References3
Fedora
Fedora
added 2024/09/13 9:3 p.m.14 views

[SECURITY] Fedora 41 Update: libcoap-4.3.5-6.fc41

The Constrained Application Protocol CoAP is a specialized web transfer protocol for use with constrained nodes and constrained networks in the Inter net of Things. The protocol is designed for machine-to-machine M2M applications such as smart energy and building automation. libcoap implements a...

7.5CVSS7.4AI score0.00557EPSS
Exploits0
CNNVD
CNNVD
added 2024/05/31 12:0 a.m.4 views

FreeCoAP Security Vulnerabilities

FreeCoAP is a C implementation of the CoAP server, client, and HTTP/CoAP proxy by Keith Cullen, a personal developer. A security vulnerability exists in FreeCoAP version 0.7, which stems from a problem with the coapmsg.c file that allows remote attackers to cause a denial of service or informatio...

9.1CVSS6.5AI score0.00785EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.7 views

Fedora: Security Advisory (FEDORA-2024-75863445ff)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.00866EPSS
Exploits1References3
Fedora
Fedora
added 2024/05/03 1:33 a.m.36 views

[SECURITY] Fedora 39 Update: libcoap-4.3.4a-2.fc39

The Constrained Application Protocol CoAP is a specialized web transfer protocol for use with constrained nodes and constrained networks in the Inter net of Things. The protocol is designed for machine-to-machine M2M applications such as smart energy and building automation. libcoap implements a...

7.5CVSS6.5AI score0.00866EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2023/04/04 12:0 a.m.4 views

PT-2023-12817 · Qualcomm · 9205 Lte Modem Firmware +7

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned Description: The issue is related to memory corruption in a modem, caused by improper input validation when handling incoming CoAP messages. Recommendations: At the moment, there is no information...

9.8CVSS7.1AI score0.00417EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/04 12:0 a.m.5 views

PT-2023-13238 · Qualcomm · 9205 Lte Modem Firmware +18

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue is related to memory corruption in a modem. This occurs due to an improper check while calculating the size of a serialized CoAP message, leading to potential exploitation...

9.8CVSS7.1AI score0.00417EPSS
Exploits0References2
Prion
Prion
added 2022/11/10 12:15 a.m.23 views

Design/Logic Flaw

Eclipse Californium is a Java implementation of RFC7252 - Constrained Application Protocol for IoT Cloud services. In versions prior to 3.7.0, and 2.7.4, Californium is vulnerable to a Denial of Service. Failing handshakes don't cleanup counters for throttling, causing the threshold to be reached...

6.4CVSS7.8AI score0.00553EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2022/02/01 12:0 a.m.6 views

Eclipse Wakaama 缓冲区错误漏洞

Eclipse Wakaama is a C-based, open source implementation of the OMA LWM2M protocol from the Eclipse Foundation. A buffer error vulnerability exists in Eclipse Wakaama versions 2021-01-14 and earlier, which stems from the CoAP parsing code failing to properly clean up data received over the networ...

7.5CVSS7.6AI score0.01358EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/02/01 12:0 a.m.4 views

PT-2022-11359 · Eclipse · Eclipse Wakaama

Name of the Vulnerable Software and Affected Versions: Eclipse Wakaama versions prior to 2021-01-14 Description: The issue arises from the CoAP parsing code in Eclipse Wakaama, which fails to properly sanitize network-received data. This has been the case since the inception of Eclipse Wakaama...

7.5CVSS7AI score0.01358EPSS
Exploits1References5
Rows per page
Query Builder