CVE-2025-12247

A weakness has been identified in Hasleo Backup Suite up to 5.2. Impacted is an unknown function of the component HasleoImageMountService/HasleoBackupSuiteService. This manipulation causes unquoted search path. The attack is restricted to local execution. The attack's complexity is rated as high...

CVE-2025-12206

A flaw has been found in Kamailio 5.5. The impacted element is the function rveisconstant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been published and may be used. It is still unclear if this...

UBUNTU-CVE-2025-12207

A vulnerability has been found in Kamailio 5.5. This affects the function yyerrorat of the file src/core/cfg.y of the component Grammar Rule Handler. Such manipulation leads to null pointer dereference. The attack needs to be performed locally. The exploit has been disclosed to the public and may...

CVE-2025-12207

CVE-2025-12207 affects Kamailio 5.5, specifically the yyerror_at function in src/core/cfg.y of the Grammar Rule Handler. The issue arises from manipulation of configuration data, leading to a null pointer dereference. Attack feasibility is described as local, with public disclosure noted; the exi...

CVE-2025-12206

A flaw has been found in Kamailio 5.5. The impacted element is the function rveisconstant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been published and may be used. It is still unclear if this...

CVE-2025-12199

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Based on the analysis by MITRE and review of community feedback, the reported conditions represent...

DEBIAN-CVE-2025-12199

Bulletin has no description...

CVE-2025-12199

...

CVE-2025-12199

DNSmasq vulnerability CVE-2025-12199 (connected sources: SUSE/Red Hat/OSV/Ubuntu etc.) indicates a null pointer dereference in the Config File Handler, specifically in the check_servers function within src/network.c. Affected versions are reported as up to 2.73rc6. The issue is described as local...

Kamailio 代码问题漏洞

Kamailio is an open source implementation of a SIP signaling server from Kamailio Open Source. A code issue vulnerability exists in Kamailio version 5.5, which stems from a null pointer dereference in the function yyerrorat in the file src/core/cfg.y, which could lead to a local attack...

VeePN 代码问题漏洞

VeePN is a VPN service platform from VeePN Inc. A code issue vulnerability exists in VeePN 1.6.2 and earlier versions, which originates from an unquoted search path in the file C:Program Files x86VeePNavserviceavservice.exe, which could lead to a local attack...

Kamailio 缓冲区错误漏洞

Kamailio is an open source implementation of a SIP signaling server from Kamailio Open Source. A buffer error vulnerability exists in Kamailio version 5.5, which stems from a heap buffer overflow in the function rvedestroy in the file src/core/rvalue.c of the component Configuration File Handler,...

Kamailio 代码问题漏洞

Kamailio is an open source implementation of a SIP signaling server from Kamailio Open Source. A code issue vulnerability exists in Kamailio version 5.5, which stems from a null pointer dereference in the function rveisconstant in the file src/core/rvalue.c, which could lead to a local attack...

EulerOS 2.0 SP13 : ncurses (EulerOS-SA-2025-2272)

According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function...

EulerOS 2.0 SP13 : ncurses (EulerOS-SA-2025-2304)

According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function...

EulerOS 2.0 SP13 : libtiff (EulerOS-SA-2025-2300)

According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function...

DEBIAN-CVE-2022-4981

A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now publ...

CVE-2022-4981

CVE-2022-4981 affects DCMTK up to 3.6.7, with the vulnerable element in the dcmqrscp component: DcmQueryRetrieveConfig::readPeerList (file /dcmqrcnf.cc). The issue causes a null pointer dereference and is exploitable via local access. Public exploit information exists. The recommended fix is upgr...

Oracle Solaris 安全漏洞

Oracle Solaris is a Unix-like operating system developed by Oracle. A file system component vulnerability exists in Oracle Solaris version 11 that stems from a flaw in the system privilege validation mechanism. An attacker could use this vulnerability to cause a complete denial of service sustain...

CVE-2025-11947

A weakness has been identified in bftpd up to 6.2. Impacted is the function expandgroups of the file options.c of the component Configuration File Handler. Executing a manipulation can lead to heap-based buffer overflow. It is possible to launch the attack on the local host. Attacks of this natur...