Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3969 matches found

EUVD
EUVDadded 2025/11/24 3:30 p.m.2 views

EUVD-2025-198711

Array index error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetexdataX509STORECTXidx to return -1...

4.3CVSS6.2AI score0.00171EPSS
Exploits0References3
EUVD
EUVDadded 2025/11/24 3:30 p.m.3 views

EUVD-2025-198714

Integer signedness error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2dX509 to return -1 and be misused as a malloc size parameter...

7.5CVSS6.2AI score0.00185EPSS
Exploits0References3
Snyk
Snykadded 2025/11/24 2:40 p.m.1 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the tlsverifycallback function. An attacker can cause the application to crash by sending a specially crafted DTLS handshake that results in SSLgetexdataX509STORECTXidx returning -1. Remediation...

5.3CVSS5.7AI score0.00171EPSS
Exploits0References2
Snyk
Snykadded 2025/11/24 2:40 p.m.2 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the coapdtlsinfocallback function when a DTLS handshake occurs and SSLgetappdata returns NULL. An attacker can cause the application to crash by initiating a specially crafted DTLS handshake. Remediation...

7.1CVSS5.7AI score0.00171EPSS
Exploits0References2
Snyk
Snykadded 2025/11/24 2:40 p.m.2 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the tlsverifycallback function. An attacker can trigger a denial of service by supplying a specially crafted TLS certificate that causes i2dX509 to return -1, which is then misused as a parameter to...

8.7CVSS5.7AI score0.00185EPSS
Exploits0References2
NVD
NVDadded 2025/11/24 2:15 p.m.2 views

CVE-2025-65495

Integer signedness error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2dX509 to return -1 and be misused as a malloc size parameter...

7.5CVSS0.00185EPSS
Exploits0References2
OSV
OSVadded 2025/11/24 2:15 p.m.1 views

DEBIAN-CVE-2025-65499

Array index error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetexdataX509STORECTXidx to return -1...

4.3CVSS5.3AI score0.00171EPSS
Exploits0References1
NVD
NVDadded 2025/11/24 2:15 p.m.1 views

CVE-2025-65499

Array index error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetexdataX509STORECTXidx to return -1...

4.3CVSS0.00171EPSS
Exploits0References2
OSV
OSVadded 2025/11/24 2:15 p.m.1 views

DEBIAN-CVE-2025-65501

Null pointer dereference in coapdtlsinfocallback in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSLgetappdata returns NULL...

4.3CVSS5.3AI score0.00171EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2025/11/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-65495

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer signedness error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS...

7.5CVSS5.8AI score0.00185EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2025/11/24 12:0 a.m.5 views

CVE-2025-65495

Integer signedness error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2dX509 to return -1 and be misused as a malloc size parameter...

7.5CVSS5.3AI score0.00185EPSS
Exploits0
Cvelist
Cvelistadded 2025/11/24 12:0 a.m.6 views

CVE-2025-65499

Array index error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetexdataX509STORECTXidx to return -1...

0.00171EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/11/24 12:0 a.m.1 views

libcoap 安全漏洞

libcoap is a C implementation of a lightweight application protocol open-sourced by obgm. A security vulnerability exists in libcoap version 4.3.5, which stems from an integer sign error in the tlsverifycallback function in src/coapopenssl.c, which could lead to a denial of service attack...

7.5CVSS6.3AI score0.00185EPSS
Exploits0References4
Cvelist
Cvelistadded 2025/11/24 12:0 a.m.5 views

CVE-2025-65495

Integer signedness error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2dX509 to return -1 and be misused as a malloc size parameter...

0.00185EPSS
Exploits0References2
AlpineLinux
AlpineLinuxadded 2025/11/24 12:0 a.m.5 views

CVE-2025-65495

Integer signedness error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2dX509 to return -1 and be misused as a malloc size parameter...

7.5CVSS6.3AI score0.00185EPSS
Exploits0References2
AlpineLinux
AlpineLinuxadded 2025/11/24 12:0 a.m.4 views

CVE-2025-65499

Array index error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetexdataX509STORECTXidx to return -1...

4.3CVSS6.4AI score0.00171EPSS
Exploits0References2
CVE
CVEadded 2025/11/24 12:0 a.m.15 views

CVE-2025-65499

The CVE-2025-65499 issue affects libcoap 4.3.5, specifically the tls_verify_call_back() path in src/coap_openssl.c. A misindexed array causes SSL_get_ex_data_X509_STORE_CTX_idx() to return -1, enabling a remote attacker to trigger a denial of service during a crafted DTLS handshake. Public adviso...

4.3CVSS6.3AI score0.00171EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesadded 2025/11/24 12:0 a.m.3 views

PT-2025-47909

Integer signedness error in tls verify call back in src/coap openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2d X509 to return -1 and be misused as a malloc size parameter...

7.5CVSS6.7AI score0.00185EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2025/11/24 12:0 a.m.6 views

CVE-2025-65499

Array index error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetexdataX509STORECTXidx to return -1...

4.3CVSS5.3AI score0.00171EPSS
Exploits0
Patchstack
Patchstackadded 2025/11/21 8:26 a.m.6 views

WordPress LearnPress plugin <= 4.2.9.4 - Missing Authorization to Unauthenticated Arbitrary Callback Execution to Information Exposure vulnerability

Missing Authorization to Unauthenticated Arbitrary Callback Execution to Information Exposure vulnerability discovered by Lucas Montes Nirox in WordPress Plugin LearnPress versions = 4.2.9.4...

5.3CVSS7AI score0.00769EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder