324 matches found
SIPGO is Vulnerable to Response DoS via Nil Pointer Dereference
Description: A nil pointer dereference vulnerability was discovered in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote attackers to crash any SIP application by sending a single malformed SIP request without a To header. T...
GHSA-C623-F998-8HHV SIPGO is Vulnerable to Response DoS via Nil Pointer Dereference
Description: A nil pointer dereference vulnerability was discovered in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote attackers to crash any SIP application by sending a single malformed SIP request without a To header. T...
PT-2025-51791
SIPGO is a library for writing SIP services in the Go language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability exists in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...
NULL Pointer Dereference
Overview: Affected versions of this package are vulnerable to NULL Pointer Dereference affecting VerifyVoteExtension and vote verification functions. An attacker can cause intermittent validator panics and disrupt consensus operations by submitting a VoteExtension message with the blockhash field...
NULL Pointer Dereference
Overview: Affected versions of this package are vulnerable to NULL Pointer Dereference affecting VerifyVoteExtension and vote verification functions. An attacker can cause intermittent validator panics and disrupt consensus operations by submitting a VoteExtension message with the blockhash field...
Babylon Nil BlockHash in BLS vote extensions triggers panics in consensus handlers
Summary: A vulnerability exists in Babylon’s BLS vote extension processing where a malicious active validator can submit a VoteExtension with the blockhash field omitted from the protobuf serialization. Because protobuf fields are optional, unmarshalling succeeds but leaves BlockHash as nil. Babyl...
GHSA-M6WQ-66P2-C8PC Babylon Nil BlockHash in BLS vote extensions triggers panics in consensus handlers
Summary: A vulnerability exists in Babylon’s BLS vote extension processing where a malicious active validator can submit a VoteExtension with the blockhash field omitted from the protobuf serialization. Because protobuf fields are optional, unmarshalling succeeds but leaves BlockHash as nil. Babyl...
GO-2025-4163 NSSF panic due to nil pointer dereference when expiry field is omitted in NSSAIAvailability POST in github.com/free5gc/nssf
NSSF panic due to nil pointer dereference when expiry field is omitted in NSSAIAvailability POST in github.com/free5gc/nssf...
SUSE-SU-2025:21093-1 Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues: - CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882) - CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778) - CVE-2025-38500: xfrm: interface: fix use-after-free...
NSSF panic due to nil pointer dereference when expiry field is omitted in NSSAIAvailability POST
An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via a crafted POST request to the Nnssf_NSSAIAvailability API...
CVE-2025-63745
CVE-2025-63745 affects radare2 up to version 6.0.5, where a NULL pointer dereference in the info() function of bin_ne.c can be triggered by crafted binary input, causing a segmentation fault and denial of service when processing malformed data. Affected component: radare2’s bin_ne.c (info() funct...
SUSE CVE-2025-59836
Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, there is a nil pointer dereference vulnerability in the Omni Resource Service that allows unauthenticated users to cause a server panic and denial of service by sending empty create/update resource reques...
CVE-2025-59836
Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, there is a nil pointer dereference vulnerability in the Omni Resource Service that allows unauthenticated users to cause a server panic and denial of service by sending empty create/update resource reques...
CVE-2025-59836 Omni is Vulnerable to DoS via Empty Create/Update Resource Requests
Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, there is a nil pointer dereference vulnerability in the Omni Resource Service that allows unauthenticated users to cause a server panic and denial of service by sending empty create/update resource reques...
CVE-2025-59836 Omni is Vulnerable to DoS via Empty Create/Update Resource Requests
Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, there is a nil pointer dereference vulnerability in the Omni Resource Service that allows unauthenticated users to cause a server panic and denial of service by sending empty create/update resource reques...
Omni is Vulnerable to DoS via Empty Create/Update Resource Requests
Summary: A nil pointer dereference vulnerability in the Omni Resource Service allows unauthenticated users to cause a server panic and denial of service by sending empty create/update resource requests through the API endpoints. Details: The vulnerability exists in the isSensitiveSpec function whic...
GHSA-4P3P-CR38-V5XP Omni is Vulnerable to DoS via Empty Create/Update Resource Requests
Summary: A nil pointer dereference vulnerability in the Omni Resource Service allows unauthenticated users to cause a server panic and denial of service by sending empty create/update resource requests through the API endpoints. Details: The vulnerability exists in the isSensitiveSpec function whic...
PT-2025-41805
Name of the Vulnerable Software and Affected Versions: Omni versions prior to 1.1.5; Omni version 1.0.2. Description: Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. A nil pointer dereference in the Omni Resource Service allows unauthenticated users to cause a server panic and...
EUVD-2022-5992
Malicious code in bioql PyPI...
EUVD-2023-2633
Malicious code in bioql PyPI...