CVE-2025-65501

Null pointer dereference in coapdtlsinfocallback in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSLgetappdata returns NULL...

Linux Distros Unpatched Vulnerability : CVE-2025-65494

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NULL pointer dereference in getsanorcnfromcert in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted X.5...

EulerOS 2.0 SP13 : libtiff (EulerOS-SA-2025-2449)

According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PSLvl2page of the file tools/tiff2ps...

Updated ffmpeg packages fix security vulnerabilities

FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the avsamplessetsilence function in thelibavutil/samplefmt.c:260:9 component. CVE-2023-50007 FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using the colorcorrect filter, in the avmalloc...

CVE-2025-64169 Wazuh NULL pointer dereference in fim_alert line 666

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fimalert implementation does not check whether oldsum-md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a...

EulerOS 2.0 SP13 : openjpeg2 (EulerOS-SA-2025-2451)

According to the versions of the openjpeg2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c.CVE-2025-50952 Tenable has extracted the...

EulerOS 2.0 SP13 : openjpeg2 (EulerOS-SA-2025-2441)

According to the versions of the openjpeg2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c.CVE-2025-50952 Tenable has extracted the...

TencentOS Server 4: unbound (TSSA-2025:0512)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0512 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 4: augeas (TSSA-2025:0277)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0277 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 4: ffmpeg (TSSA-2025:0714)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0714 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 4: kernel (TSSA-2025:0429)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0429 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 4: libsoup3 (TSSA-2025:0587)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0587 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVE-2025-13397

A security vulnerability has been detected in mrubyc up to 3.4. This impacts the function mrbcrawrealloc of the file src/alloc.c. Such manipulation of the argument ptr leads to null pointer dereference. An attack has to be approached locally. The name of the patch is...

CVE-2025-13397 mrubyc alloc.c mrbc_raw_realloc null pointer dereference

A security vulnerability has been detected in mrubyc up to 3.4. This impacts the function mrbcrawrealloc of the file src/alloc.c. Such manipulation of the argument ptr leads to null pointer dereference. An attack has to be approached locally. The name of the patch is...

PT-2025-49094

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's be2net component where the be insert vlan in pkt function is called with a NULL wrb params argument at the be send pkt to bmc call site. This can lead...

PT-2025-47462

A security vulnerability has been detected in mrubyc up to 3.4. This impacts the function mrbc raw realloc of the file src/alloc.c. Such manipulation of the argument ptr leads to null pointer dereference. An attack has to be approached locally. The name of the patch is...

Siemens SCALANCE and RUGGEDCOM Devices NULL Pointer Dereference (CVE-2024-53240)

xen/netfront: vulnerability causes a crash when removing a device after a suspend/resume cycle due to uninitialized queues, which is fixed by checking for the existence of queues before attempting to stop them. This plugin only works with Tenable.ot. Please visit...

Siemens SCALANCE and RUGGEDCOM Devices NULL Pointer Dereference (CVE-2024-47712)

wifi: wilc1000: vulnerability caused by a potential RCU dereference issue in wilcparsejoinbssparam by storing the TSF value in a local variable before releasing the RCU lock to prevent use-after-free errors. This plugin only works with Tenable.ot. Please visit...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-46755)

wifi: mwifiex: Do not return unused priv in mwifiexgetprivbyid. mwifiexgetprivbyid returns the priv pointer corresponding to the bssnum and bsstype, but without checking if the priv is actually currently in use. Unused priv pointers do not have a wiphy attached to them which can lead to NULL...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56568)

iommu/arm-smmu: Defer probe of clients after smmu device bound Null pointer dereference occurs due to a race between smmu driver probe and client driver probe, when ofdmaconfigure for client is called after the iommudeviceregister for smmu driver probe has executed but before the driverbound for...