Lucene search
K

332 matches found

RedhatCVE
RedhatCVE
added 2025/12/17 10:8 p.m.6 views

CVE-2025-68274

SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...

8.7CVSS7.1AI score0.00487EPSS
Exploits1References1
NVD
NVD
added 2025/12/16 10:15 p.m.7 views

CVE-2025-68274

SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...

8.7CVSS0.00487EPSS
Exploits1References2
EUVD
EUVD
added 2025/12/16 10:2 p.m.4 views

EUVD-2025-203854

SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...

8.7CVSS6.6AI score0.00487EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/16 10:2 p.m.20 views

CVE-2025-68274 SIPGO library has response DoS vulnerability via nil pointer dereference

SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...

8.7CVSS0.00487EPSS
Exploits1References2
CVE
CVE
added 2025/12/16 10:2 p.m.19 views

CVE-2025-68274

CVE-2025-68274 describes a nil pointer dereference in the SIPGO library when building SIP responses with NewResponseFromRequest, triggered if the incoming SIP request is missing a To header. The issue can cause a remote attacker to crash SIP applications that use this function, effectively a deni...

8.7CVSS6.8AI score0.00487EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/12/16 10:2 p.m.7 views

CVE-2025-68274 SIPGO library has response DoS vulnerability via nil pointer dereference

SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...

8.7CVSS7AI score0.00487EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/16 10:2 p.m.4 views

CVE-2025-68274 SIPGO library has response DoS vulnerability via nil pointer dereference

SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...

8.7CVSS6.8AI score0.00487EPSS
Exploits1References2
EUVD
EUVD
added 2025/12/16 9:24 p.m.4 views

EUVD-2025-203844

SIPGO is Vulnerable to Response DoS via Nil Pointer Dereference...

6.4AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/12/16 9:24 p.m.9 views

SIPGO is Vulnerable to Response DoS via Nil Pointer Dereference

Description A nil pointer dereference vulnerability was discovered in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote attackers to crash any SIP application by sending a single malformed SIP request without a To header. T...

8.7CVSS7AI score0.00487EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/12/16 9:24 p.m.3 views

GHSA-C623-F998-8HHV SIPGO is Vulnerable to Response DoS via Nil Pointer Dereference

Description A nil pointer dereference vulnerability was discovered in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote attackers to crash any SIP application by sending a single malformed SIP request without a To header. T...

8.7CVSS6.9AI score0.00487EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.4 views

PT-2025-51791

SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...

8.7CVSS7.1AI score0.00487EPSS
Exploits1References5
Snyk
Snyk
added 2025/12/08 10:20 p.m.3 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference affecting VerifyVoteExtension and vote verification functions. An attacker can cause intermittent validator panics and disrupt consensus operations by submitting a VoteExtension message with the blockhash field...

8.7CVSS7AI score
Exploits0References2
OSV
OSV
added 2025/12/08 10:20 p.m.3 views

GHSA-M6WQ-66P2-C8PC Babylon Nil BlockHash in BLS vote extensions triggers panics in consensus handlers

Summary A vulnerability exists in Babylon’s BLS vote extension processing where a malicious active validator can submit a VoteExtension with the blockhash field omitted from the protobuf serialization. Because protobuf fields are optional, unmarshalling succeeds but leaves BlockHash as nil. Babyl...

8.7CVSS7.1AI score
Exploits0References3
Snyk
Snyk
added 2025/12/08 10:20 p.m.3 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference affecting VerifyVoteExtension and vote verification functions. An attacker can cause intermittent validator panics and disrupt consensus operations by submitting a VoteExtension message with the blockhash field...

8.7CVSS7AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/12/08 10:20 p.m.6 views

Babylon Nil BlockHash in BLS vote extensions triggers panics in consensus handlers

Summary A vulnerability exists in Babylon’s BLS vote extension processing where a malicious active validator can submit a VoteExtension with the blockhash field omitted from the protobuf serialization. Because protobuf fields are optional, unmarshalling succeeds but leaves BlockHash as nil. Babyl...

7.2AI score
Exploits0References3Affected Software4
OSV
OSV
added 2025/12/02 7:46 p.m.5 views

GO-2025-4163 NSSF panic due to nil pointer dereference when expiry field is omitted in NSSAIAvailability POST in github.com/free5gc/nssf

NSSF panic due to nil pointer dereference when expiry field is omitted in NSSAIAvailability POST in github.com/free5gc/nssf...

7.5CVSS6.8AI score0.00303EPSS
Exploits1References5
OSV
OSV
added 2025/11/28 8:19 a.m.1 views

SUSE-SU-2025:21093-1 Security update for kernel-livepatch-MICRO-6-0_Update_4

This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882 - CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778 - CVE-2025-38500: xfrm: interface: fix use-after-free...

7.8CVSS6.8AI score0.00396EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2025/11/24 6:31 p.m.6 views

NSSF panic due to nil pointer dereference when expiry field is omitted in NSSAIAvailability POST

An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via crafted POST request to the NnssfNSSAIAvailability API...

7.5CVSS6.9AI score0.00303EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2025/11/14 12:0 a.m.12 views

CVE-2025-63745

CVE-2025-63745 affects radare2 up to version 6.0.5, where a NULL pointer dereference in the info() function of bin_ne.c can be triggered by crafted binary input, causing a segmentation fault and denial of service when processing malformed data. Affected component: radare2’s bin_ne.c (info() funct...

5.5CVSS6.3AI score0.0013EPSS
Exploits0References4Affected Software1
SUSE CVE
SUSE CVE
added 2025/11/09 12:23 a.m.8 views

SUSE CVE-2025-59836

Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, there is a nil pointer dereference vulnerability in the Omni Resource Service allows unauthenticated users to cause a server panic and denial of service by sending empty create/update resource reques...

7.5CVSS6.7AI score0.0053EPSS
Exploits1References2
Rows per page
Query Builder