Lucene search
K

121 matches found

OSV
OSV
added 2026/03/18 8:6 p.m.5 views

GHSA-7G27-V5WJ-JR75 free5GC UDM DataChangeNotification Procedure Panic Due to Nil Pointer Dereference

Impact This is a NULL Pointer Dereference vulnerability leading to Denial of Service. - Security Impact: A remote attacker can cause the UDM service to panic and crash by sending a crafted POST request to the /sdm-subscriptions endpoint with a malformed URL path containing path traversal sequence...

8.7CVSS5.8AI score0.00486EPSS
Exploits1References6
OSV
OSV
added 2026/03/05 12:26 a.m.5 views

GHSA-HX52-CV84-JR5V Sliver is Vulnerable to Authenticated Nil-Pointer Dereference through its Handlers

Executive Summary A vulnerability exists in the Sliver C2 server's Protobuf unmarshalling logic due to a systemic lack of nil-pointer validation. By extracting valid implant credentials and omitting nested fields in a signed message, an authenticated actor can trigger an unhandled runtime panic...

5.3CVSS6AI score0.00504EPSS
Exploits1References3
OSV
OSV
added 2026/02/24 12:15 a.m.6 views

CVE-2026-26025 free5GC SMF crash (nil pointer dereference) on PFCP SessionReportRequest when ReportType.USAR=1 and UsageReport omits mandatory URRID sub-IE 

free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, SMF panics and terminates when processing a malformed PFCP SessionReportRequest on the PFCP UDP/8805 interface. No known upstrea...

8.7CVSS5.9AI score0.00302EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/24 12:12 a.m.6 views

CVE-2026-26024 free5GC SMF crash (nil pointer dereference) on PFCP SessionReportRequest when ReportType.USAR=1 and UsageReport omits mandatory URRID sub-IE 

free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, SMF panics and terminates when processing a malformed PFCP SessionReportRequest on the PFCP UDP/8805 interface. No known upstrea...

8.7CVSS5.3AI score0.00302EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/24 12:10 a.m.4 views

CVE-2026-25501 free5GC SMF crash (nil pointer dereference) on PFCP SessionReportRequest when ReportType.DLDR is set but DownlinkDataReport IE is missing

free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, SMF panics due to nil pointer dereference and the SMF process terminates. This is triggered by a malformed PFCP...

8.7CVSS5.3AI score0.0031EPSS
Exploits1References2
OSV
OSV
added 2026/02/24 12:10 a.m.5 views

CVE-2026-25501 free5GC SMF crash (nil pointer dereference) on PFCP SessionReportRequest when ReportType.DLDR is set but DownlinkDataReport IE is missing

free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, SMF panics due to nil pointer dereference and the SMF process terminates. This is triggered by a malformed PFCP...

8.7CVSS5.9AI score0.0031EPSS
Exploits1References4
OSV
OSV
added 2026/02/06 6:8 p.m.5 views

GHSA-CR88-6MQM-4G57 Gogs has a Denial of Service issue

Summary An authenticated user can cause a DOS attack. If one of the repo files is deleted before synchronization, it will cause the application to crash. Details If GetMirrorByRepoID fails, the error log dereferencing null pointer. This happens if the repository no longer exits...

6.5CVSS5.4AI score0.00336EPSS
Exploits1References6
NVD
NVD
added 2026/01/22 10:16 p.m.11 views

CVE-2026-23831

Rekor is a software supply chain transparency log. In versions 1.4.3 and below, the entry implementation can panic on attacker-controlled input when canonicalizing a proposed entry with an empty spec.message, causing nil Pointer Dereference. Function validate returns nil success when message is...

5.3CVSS0.00384EPSS
Exploits0References3
OSV
OSV
added 2026/01/22 10:16 p.m.4 views

UBUNTU-CVE-2026-23831

Rekor is a software supply chain transparency log. In versions 1.4.3 and below, the entry implementation can panic on attacker-controlled input when canonicalizing a proposed entry with an empty spec.message, causing nil Pointer Dereference. Function validate returns nil success when message is...

5.3CVSS7.2AI score0.00384EPSS
Exploits0References5
OSV
OSV
added 2025/12/22 6:15 p.m.4 views

GO-2025-4244 SIPGO is Vulnerable to Response DoS via Nil Pointer Dereference in github.com/emiago/sipgo

SIPGO is Vulnerable to Response DoS via Nil Pointer Dereference in github.com/emiago/sipgo...

8.7CVSS6.5AI score0.00487EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/12/18 12:0 a.m.4 views

CVE-2025-65563

A denial-of-service vulnerability exists in the omec-project UPF component upf-epc/pfcpiface up to at least version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory NodeID Information Element, the association setup handler...

6.4AI score0.00369EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/18 12:0 a.m.23 views

CVE-2025-65564

A denial-of-service vulnerability exists in the omec-upf upf-epc-pfcpiface in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory Recovery Time Stamp Information Element, the association setup handler dereferences a nil pointer...

0.0036EPSS
Exploits1References2
EUVD
EUVD
added 2025/12/16 10:2 p.m.4 views

EUVD-2025-203854

SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...

8.7CVSS6.6AI score0.00487EPSS
Exploits1References2
CVE
CVE
added 2025/12/16 10:2 p.m.17 views

CVE-2025-68274

CVE-2025-68274 describes a nil pointer dereference in the SIPGO library when building SIP responses with NewResponseFromRequest, triggered if the incoming SIP request is missing a To header. The issue can cause a remote attacker to crash SIP applications that use this function, effectively a deni...

8.7CVSS6.8AI score0.00487EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/16 10:2 p.m.4 views

CVE-2025-68274 SIPGO library has response DoS vulnerability via nil pointer dereference

SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...

8.7CVSS6.8AI score0.00487EPSS
Exploits1References2
EUVD
EUVD
added 2025/12/16 9:24 p.m.4 views

EUVD-2025-203844

SIPGO is Vulnerable to Response DoS via Nil Pointer Dereference...

6.4AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/12/16 9:24 p.m.9 views

SIPGO is Vulnerable to Response DoS via Nil Pointer Dereference

Description A nil pointer dereference vulnerability was discovered in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote attackers to crash any SIP application by sending a single malformed SIP request without a To header. T...

8.7CVSS7AI score0.00487EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2025/11/14 12:0 a.m.12 views

CVE-2025-63745

CVE-2025-63745 affects radare2 up to version 6.0.5, where a NULL pointer dereference in the info() function of bin_ne.c can be triggered by crafted binary input, causing a segmentation fault and denial of service when processing malformed data. Affected component: radare2’s bin_ne.c (info() funct...

5.5CVSS6.3AI score0.0013EPSS
Exploits0References4Affected Software1
SUSE CVE
SUSE CVE
added 2025/11/09 12:23 a.m.7 views

SUSE CVE-2025-59836

Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, there is a nil pointer dereference vulnerability in the Omni Resource Service allows unauthenticated users to cause a server panic and denial of service by sending empty create/update resource reques...

7.5CVSS6.7AI score0.0053EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/10/14 9:49 p.m.10 views

CVE-2025-59836

Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, there is a nil pointer dereference vulnerability in the Omni Resource Service allows unauthenticated users to cause a server panic and denial of service by sending empty create/update resource reques...

5.3CVSS6.7AI score0.0053EPSS
Exploits1References1
Rows per page
Query Builder