814 matches found
CVE-2025-67111
An integer overflow in the RTPS protocol implementation of OpenDDS DDS before v3.33.0 allows attackers to cause a Denial of Service DoS via a crafted message...
CVE-2025-67111
An integer overflow in the RTPS protocol implementation of OpenDDS DDS before v3.33.0 allows attackers to cause a Denial of Service DoS via a crafted message...
CVE-2025-67111
An integer overflow in the RTPS protocol implementation of OpenDDS DDS before v3.33.0 allows attackers to cause a Denial of Service DoS via a crafted message...
CVE-2025-67111
Vulnerability summary: CVE-2025-67111 affects OpenDDS DDS prior to 3.33.0. The issue is an integer overflow in the RTPS protocol implementation, enabling a Denial of Service via a crafted message. What’s affected: OpenDDS DDS (RTPS protocol implementation) before v3.33.0. Impact (as stated): Deni...
Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability
Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signature vulnerability that may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML message. Please be aware that CVE-2025-59719...
CVE-2025-64169
CVE-2025-64169 — Wazuh NULL pointer dereference in fim_alert : The issue affects Wazuh 3.7.0 up to, but not including, 4.12.0, where fim_alert() may dereference oldsum->md5 without NULL-check, potentially causing analysisd to crash when a compromised agent sends a crafted message. The vulnerab...
CVE-2025-64169 Wazuh NULL pointer dereference in fim_alert line 666
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fimalert implementation does not check whether oldsum-md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a...
CVE-2025-64169 Wazuh NULL pointer dereference in fim_alert line 666
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fimalert implementation does not check whether oldsum-md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a...
Underflow in aes_key_unwrap function
The aeskeyunwrap function would panic if passed a ciphertext that was too short. In a debug build, it would panic due to a subtraction underflow. In a release build, it would use the small negative quantity to allocate a vector. Since the allocator expects an unsigned quantity, the negative value...
CVE-2025-62790
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fimfetchattributesstate implementation does not check whether timestring is NULL or not before calling strlen on it. A compromised agent can cause a crash of analysisd by sending a...
CVE-2025-62791 Wazuh vulnerable to NULL pointer dereference in DecodeCiscat
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, DecodeCiscat implementation does not check the return the value of cJSONGetObjectItem for a possible NULL value in case of an error. A compromised agent can cause a crash of analysisd by...
CVE-2025-62789 Wazuh vulnerable to NULL pointer dereference in fim_alert line 712
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fimalert implementation does not check whether the return value of ctimer is NULL or not before calling strdup on it. A compromised agent can cause a crash of analysisd by sending a...
CVE-2025-41707
The websocket handler is vulnerable to a denial of service condition. An unauthenticated remote attacker can send a crafted websocket message to trigger the issue without affecting the core functionality...
EUVD-2025-34182
A denial-of-service security issue in the affected product. The security issue stems from a fault occurring when a crafted CIP unconnected explicit message is sent. This can result in a major non-recoverable fault...
CVE-2025-41707 Phoenix Contact: WebSocket Handler Denial of Service
The websocket handler is vulnerable to a denial of service condition. An unauthenticated remote attacker can send a crafted websocket message to trigger the issue without affecting the core functionality...
CVE-2025-41707 Phoenix Contact: WebSocket Handler Denial of Service
The websocket handler is vulnerable to a denial of service condition. An unauthenticated remote attacker can send a crafted websocket message to trigger the issue without affecting the core functionality...
PT-2025-41857
Name of the Vulnerable Software and Affected Versions Affected versions not specified Description The websocket handler is susceptible to a denial of service condition. An unauthenticated remote attacker can send a crafted websocket message to trigger this issue. The core functionality is not...
EUVD-2004-1670
Malware in sbrugna...
EUVD-2020-26935
Malware in sbrugna...
EUVD-2011-4059
Malware in sbrugna...