CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

In nDPI through 3.2 Stable, an out-of-bounds read in concathashstring in ssh.c can be exploited by a network-positioned attacker that can send malformed SSH protocol messages on a network segment monitored by nDPI's library...

7.5CVSS6.7AI score0.00473EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 3:14 p.m.•3 views

CVE-2020-15471

In nDPI through 3.2, the packet parsing code is vulnerable to a heap-based buffer over-read in ndpiparsepacketlineinfo in lib/ndpimain.c...

9.1CVSS7.1AI score0.00559EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 3:14 p.m.•3 views

CVE-2020-15475

In nDPI through 3.2, ndpiresetpacketlineinfo in lib/ndpimain.c omits certain reinitialization, leading to a use-after-free...

9.8CVSS6.7AI score0.00694EPSS

Exploits0

NVD•added 2025/02/03 6:15 a.m.•10 views

CVE-2025-25066

nDPI through 4.12 has a potential stack-based buffer overflow in ndpiaddresscacherestore in lib/ndpicache.c...

8.4CVSS0.0006EPSS

Exploits0References1

OSV•added 2025/02/03 6:15 a.m.•7 views

CVE-2025-25066

nDPI through 4.12 has a potential stack-based buffer overflow in ndpiaddresscacherestore in lib/ndpicache.c...

8.4CVSS7.7AI score

Exploits0References1

Cvelist•added 2025/02/03 12:0 a.m.•8 views

CVE-2025-25066

nDPI through 4.12 has a potential stack-based buffer overflow in ndpiaddresscacherestore in lib/ndpicache.c...

8.1CVSS0.0006EPSS

Exploits0References1

CVE•added 2025/02/03 12:0 a.m.•75 views

CVE-2025-25066

CVE-2025-25066 affects nDPI, specifically version 4.12 and earlier, due to a potential stack-based buffer overflow in ndpi_address_cache_restore (lib/ndpi_cache.c). The connected sources consistently describe this vulnerability as a local issue with high impact (confidentiality/integrity/availabi...

8.4CVSS7.5AI score0.0006EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2022/10/16 12:0 a.m.•1 views

PT-2022-36687 · Git +1 · Ndpi

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves several functions: ndpi search irc tcp, check ndpi detection func, and ndp...

6.9AI score

Exploits0References2

OSV•added 2020/07/01 11:15 a.m.•13 views

CVE-2020-15473

In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpisearchopenvpn in lib/protocols/openvpn.c...

9.1CVSS6.9AI score0.00433EPSS

Exploits1References2

OSV•added 2020/04/23 3:15 p.m.•2 views

DEBIAN-CVE-2020-11939

In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concathashstring in ssh.c. Due to the granular nature of the overflow primitive and the ability to control both the contents and layout of the nDPI...

9.8CVSS8.7AI score0.08342EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by