Lucene search
K

814 matches found

RedhatCVE
RedhatCVE
added 2025/12/24 12:48 a.m.11 views

CVE-2025-67111

An integer overflow in the RTPS protocol implementation of OpenDDS DDS before v3.33.0 allows attackers to cause a Denial of Service DoS via a crafted message...

7.5CVSS7AI score0.00297EPSS
Exploits0References1
NVD
NVD
added 2025/12/23 4:16 p.m.6 views

CVE-2025-67111

An integer overflow in the RTPS protocol implementation of OpenDDS DDS before v3.33.0 allows attackers to cause a Denial of Service DoS via a crafted message...

7.5CVSS0.00297EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/23 12:0 a.m.2 views

CVE-2025-67111

An integer overflow in the RTPS protocol implementation of OpenDDS DDS before v3.33.0 allows attackers to cause a Denial of Service DoS via a crafted message...

6.6AI score0.00297EPSS
Exploits0References2
CVE
CVE
added 2025/12/23 12:0 a.m.14 views

CVE-2025-67111

Vulnerability summary: CVE-2025-67111 affects OpenDDS DDS prior to 3.33.0. The issue is an integer overflow in the RTPS protocol implementation, enabling a Denial of Service via a crafted message. What’s affected: OpenDDS DDS (RTPS protocol implementation) before v3.33.0. Impact (as stated): Deni...

7.5CVSS6.6AI score0.00297EPSS
Exploits0References2Affected Software1
CISA KEV Catalog
CISA KEV Catalog
added 2025/12/16 12:0 a.m.20 views

Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability

Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signature vulnerability that may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML message. Please be aware that CVE-2025-59719...

9.8CVSS7.8AI score0.66322EPSS
In wildExploits1
CVE
CVE
added 2025/11/21 6:39 p.m.21 views

CVE-2025-64169

CVE-2025-64169 — Wazuh NULL pointer dereference in fim_alert : The issue affects Wazuh 3.7.0 up to, but not including, 4.12.0, where fim_alert() may dereference oldsum->md5 without NULL-check, potentially causing analysisd to crash when a compromised agent sends a crafted message. The vulnerab...

5.1CVSS6.5AI score0.00314EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/11/21 6:39 p.m.4 views

CVE-2025-64169 Wazuh NULL pointer dereference in fim_alert line 666

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fimalert implementation does not check whether oldsum-md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a...

5.1CVSS6.7AI score0.00314EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/11/21 6:39 p.m.12 views

CVE-2025-64169 Wazuh NULL pointer dereference in fim_alert line 666

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fimalert implementation does not check whether oldsum-md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a...

5.1CVSS0.00314EPSS
Exploits1References1
RustSec
RustSec
added 2025/11/07 12:0 p.m.5 views

Underflow in aes_key_unwrap function

The aeskeyunwrap function would panic if passed a ciphertext that was too short. In a debug build, it would panic due to a subtraction underflow. In a release build, it would use the small negative quantity to allocate a vector. Since the allocator expects an unsigned quantity, the negative value...

5.3CVSS6.9AI score0.00297EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/30 5:9 p.m.4 views

CVE-2025-62790

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fimfetchattributesstate implementation does not check whether timestring is NULL or not before calling strlen on it. A compromised agent can cause a crash of analysisd by sending a...

7.5CVSS6.7AI score0.00372EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/10/29 4:48 p.m.2 views

CVE-2025-62791 Wazuh vulnerable to NULL pointer dereference in DecodeCiscat

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, DecodeCiscat implementation does not check the return the value of cJSONGetObjectItem for a possible NULL value in case of an error. A compromised agent can cause a crash of analysisd by...

6.9CVSS6.3AI score0.00305EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/29 4:44 p.m.3 views

CVE-2025-62789 Wazuh vulnerable to NULL pointer dereference in fim_alert line 712

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fimalert implementation does not check whether the return value of ctimer is NULL or not before calling strdup on it. A compromised agent can cause a crash of analysisd by sending a...

6.9CVSS6.3AI score0.00372EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/15 1:45 p.m.4 views

CVE-2025-41707

The websocket handler is vulnerable to a denial of service condition. An unauthenticated remote attacker can send a crafted websocket message to trigger the issue without affecting the core functionality...

5.3CVSS6.9AI score0.0144EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/14 12:24 p.m.5 views

EUVD-2025-34182

A denial-of-service security issue in the affected product. The security issue stems from a fault occurring when a crafted CIP unconnected explicit message is sent. This can result in a major non-recoverable fault...

8.7CVSS6.2AI score0.00374EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/14 8:6 a.m.8 views

CVE-2025-41707 Phoenix Contact: WebSocket Handler Denial of Service

The websocket handler is vulnerable to a denial of service condition. An unauthenticated remote attacker can send a crafted websocket message to trigger the issue without affecting the core functionality...

5.3CVSS0.0144EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/14 8:6 a.m.1 views

CVE-2025-41707 Phoenix Contact: WebSocket Handler Denial of Service

The websocket handler is vulnerable to a denial of service condition. An unauthenticated remote attacker can send a crafted websocket message to trigger the issue without affecting the core functionality...

5.3CVSS6.5AI score0.0144EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.7 views

PT-2025-41857

Name of the Vulnerable Software and Affected Versions Affected versions not specified Description The websocket handler is susceptible to a denial of service condition. An unauthenticated remote attacker can send a crafted websocket message to trigger this issue. The core functionality is not...

5.3CVSS6.6AI score0.0144EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2004-1670

Malware in sbrugna...

7.5CVSS6.4AI score0.03253EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2020-26935

Malware in sbrugna...

7.5CVSS7.5AI score0.01277EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-4059

Malware in sbrugna...

6.8CVSS6AI score0.02258EPSS
Exploits0References10
Rows per page
Query Builder