CVE-2025-12206

A flaw has been found in Kamailio 5.5. The impacted element is the function rveisconstant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been published and may be used. It is still unclear if this...

UBUNTU-CVE-2025-12206

A flaw has been found in Kamailio 5.5. The impacted element is the function rveisconstant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been published and may be used. It is still unclear if this...

CVE-2025-12207 Kamailio Grammar Rule cfg.y yyerror_at null pointer dereference

A vulnerability has been found in Kamailio 5.5. This affects the function yyerrorat of the file src/core/cfg.y of the component Grammar Rule Handler. Such manipulation leads to null pointer dereference. The attack needs to be performed locally. The exploit has been disclosed to the public and may...

EUVD-2025-36070

A flaw has been found in Kamailio 5.5. The impacted element is the function rveisconstant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been published and may be used. The vendor was contacted early about...

CVE-2025-12206

Kamailio 5.5 is affected by CVE-2025-12206 due to a flaw in the rve_is_constant function in src/core/rvalue.c, causing a null pointer dereference. The attack is local and relies on manipulating configuration files; an exploit has been published, but it is still unclear whether the vulnerability e...

CVE-2025-12199

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Based on the analysis by MITRE and review of community feedback, the reported conditions represent...

CVE-2025-12200

CVE-2025-12200 is a withdrawn candidate. Connected sources describe dnsmasq parsing failures in parse_dhcp_opt (option.c) prior to 2.73rc6 causing a local null pointer dereference. Exploitation is local; remediation is to upgrade to a version newer than 2.73rc6. Several vendors reference this iss...

EUVD-2025-36060

A vulnerability was found in dnsmasq up to 2.73rc6. Affected by this vulnerability is the function checkservers of the file src/network.c of the component Config File Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been mad...

Kamailio 代码问题漏洞

Kamailio is an open source implementation of a SIP signaling server from Kamailio Open Source. A code issue vulnerability exists in Kamailio version 5.5, which stems from a null pointer dereference in the function yyerrorat in the file src/core/cfg.y, which could lead to a local attack...

PT-2025-43757

Name of the Vulnerable Software and Affected Versions dnsmasq versions up to 2.73rc6 Description A flaw exists in dnsmasq that involves a null pointer dereference within the check servers function, located in the src/network.c file of the Config File Handler component. This issue can be triggered...

PT-2025-44015

Name of the Vulnerable Software and Affected Versions FRRouting/frr versions 2.0 through 10.4.1 Description FRRouting/frr contains a flaw due to a NULL pointer dereference in the opaque info detail function located in ospf opaque.c. This issue can be exploited by attackers sending a specially...

PT-2025-44020

Name of the Vulnerable Software and Affected Versions FRRouting/frr versions 2.0 through 10.4.1 Description FRRouting/frr contains a flaw due to a NULL pointer dereference in the ospf opaque lsa dump function located in ospf opaque.c. This issue can be triggered by specific malformed Link State...

CVE-2025-61099

FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaqueinfodetail function at ospfopaque.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted LS Update packet...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2025-21846)

acct: perform last write from workqueue This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503731; scriptversion"1.2";...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2024-50058)

"In the Linux kernel, the following vulnerability has been resolved: serial: protect uartportdtrrts in uartshutdown too Commit af224ca2df29 serial: core: Prevent unsafe uart port access, part 3 added few uport == NULL checks. It added one to uartshutdown, so the commit assumes, uport can be NULL ...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2025-21814)

ptp: Ensure info-enable callback is always set This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503440; scriptversion"1.2";...

FRRouting 安全漏洞

FRRouting is the FRRouting open source suite of network routing software that runs on Unix-like platforms. A security vulnerability exists in FRRouting versions 4.0 through 10.4.1, which stems from the presence of a null pointer dereference in the showvtylinkinfo function, which could lead to a...

CVE-2025-61105

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the showvtylinkinfo function at ospfext.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted OSPF packet...

CVE-2025-61100

FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospfopaquelsadump function at ospfopaque.c. This vulnerability allows attackers to cause a Denial of Service DoS under specific malformed LSA conditions...

CVE-2025-61100

FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospfopaquelsadump function at ospfopaque.c. This vulnerability allows attackers to cause a Denial of Service DoS under specific malformed LSA conditions...