332 matches found
CVE-2025-68274
SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...
CVE-2025-68274
SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...
EUVD-2025-203854
SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...
CVE-2025-68274 SIPGO library has response DoS vulnerability via nil pointer dereference
SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...
CVE-2025-68274
CVE-2025-68274 describes a nil pointer dereference in the SIPGO library when building SIP responses with NewResponseFromRequest, triggered if the incoming SIP request is missing a To header. The issue can cause a remote attacker to crash SIP applications that use this function, effectively a deni...
CVE-2025-68274 SIPGO library has response DoS vulnerability via nil pointer dereference
SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...
CVE-2025-68274 SIPGO library has response DoS vulnerability via nil pointer dereference
SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...
EUVD-2025-203844
SIPGO is Vulnerable to Response DoS via Nil Pointer Dereference...
SIPGO is Vulnerable to Response DoS via Nil Pointer Dereference
Description A nil pointer dereference vulnerability was discovered in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote attackers to crash any SIP application by sending a single malformed SIP request without a To header. T...
GHSA-C623-F998-8HHV SIPGO is Vulnerable to Response DoS via Nil Pointer Dereference
Description A nil pointer dereference vulnerability was discovered in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote attackers to crash any SIP application by sending a single malformed SIP request without a To header. T...
PT-2025-51791
SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference affecting VerifyVoteExtension and vote verification functions. An attacker can cause intermittent validator panics and disrupt consensus operations by submitting a VoteExtension message with the blockhash field...
GHSA-M6WQ-66P2-C8PC Babylon Nil BlockHash in BLS vote extensions triggers panics in consensus handlers
Summary A vulnerability exists in Babylon’s BLS vote extension processing where a malicious active validator can submit a VoteExtension with the blockhash field omitted from the protobuf serialization. Because protobuf fields are optional, unmarshalling succeeds but leaves BlockHash as nil. Babyl...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference affecting VerifyVoteExtension and vote verification functions. An attacker can cause intermittent validator panics and disrupt consensus operations by submitting a VoteExtension message with the blockhash field...
Babylon Nil BlockHash in BLS vote extensions triggers panics in consensus handlers
Summary A vulnerability exists in Babylon’s BLS vote extension processing where a malicious active validator can submit a VoteExtension with the blockhash field omitted from the protobuf serialization. Because protobuf fields are optional, unmarshalling succeeds but leaves BlockHash as nil. Babyl...
GO-2025-4163 NSSF panic due to nil pointer dereference when expiry field is omitted in NSSAIAvailability POST in github.com/free5gc/nssf
NSSF panic due to nil pointer dereference when expiry field is omitted in NSSAIAvailability POST in github.com/free5gc/nssf...
SUSE-SU-2025:21093-1 Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882 - CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778 - CVE-2025-38500: xfrm: interface: fix use-after-free...
NSSF panic due to nil pointer dereference when expiry field is omitted in NSSAIAvailability POST
An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via crafted POST request to the NnssfNSSAIAvailability API...
CVE-2025-63745
CVE-2025-63745 affects radare2 up to version 6.0.5, where a NULL pointer dereference in the info() function of bin_ne.c can be triggered by crafted binary input, causing a segmentation fault and denial of service when processing malformed data. Affected component: radare2’s bin_ne.c (info() funct...
SUSE CVE-2025-59836
Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, there is a nil pointer dereference vulnerability in the Omni Resource Service allows unauthenticated users to cause a server panic and denial of service by sending empty create/update resource reques...