19 matches found

Positive Technologies
added 2026/05/22 12:0 a.m. · 8 views

PT-2026-42801

Sunshine is a self-hosted game stream host for Moonlight. In versions prior to 2026.516.143833, the client-certificate authentication can be bypassed because of how OpenSSL verification results are handled. In src/crypto.cpp, the custom verify callback treats X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT...

CVSS 9.8 · AI score 5.7 · EPSS 0.00041
Exploits 1 · References 2
Anthropic
added 2026/03/29 8:42 p.m. · 4 views

ANT-2026-K8YY7WWS · wolfSSL · improper-cert-validation

improper-cert-validation high CVE-2026-5501 Severity Claude high · Security research firm high · Maintainer - Discovered by Claude Mythos Preview SECURITY RESEARCH FIRM ANALYSIS Triage and disclosure were performed by Calif. The writeup below is the document the firm sent to the maintainer...

CVSS 8.6 · AI score 5.8 · EPSS 0.00023
Exploits 0
RedhatCVE
added 2025/11/24 11:11 p.m. · 1 views

CVE-2025-65495

Integer signedness error in tls_verify_call_back in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2d_X509 to return -1 and be misused as a malloc size parameter. Mitigation Mitigation for this issue is either no...

CVSS 7.5 · AI score 6.3 · EPSS 0.00154
Exploits 0 · References 2
EUVD
added 2025/11/24 3:30 p.m. · 2 views

EUVD-2025-198714

Integer signedness error in tls_verify_call_back in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2d_X509 to return -1 and be misused as a malloc size parameter...

CVSS 7.5 · AI score 6.2 · EPSS 0.00154
Exploits 0 · References 3
EUVD
added 2025/11/24 3:30 p.m. · 2 views

EUVD-2025-198711

Array index error in tls_verify_call_back in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_ex_data_X509_STORE_CTX_idx to return -1...

CVSS 4.3 · AI score 6.2 · EPSS 0.00142
Exploits 0 · References 3
Snyk
added 2025/11/24 2:40 p.m. · 1 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the tls_verify_call_back function. An attacker can cause the application to crash by sending a specially crafted DTLS handshake that results in SSL_get_ex_data_X509_STORE_CTX_idx returning -1. Remediation...

CVSS 5.3 · AI score 5.7 · EPSS 0.00142
Exploits 0 · References 2
Snyk
added 2025/11/24 2:40 p.m. · 2 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the tls_verify_call_back function. An attacker can trigger a denial of service by supplying a specially crafted TLS certificate that causes i2d_X509 to return -1, which is then misused as a parameter to...

CVSS 8.7 · AI score 5.7 · EPSS 0.00154
Exploits 0 · References 2
NVD
added 2025/11/24 2:15 p.m. · 2 views

CVE-2025-65495

Integer signedness error in tls_verify_call_back in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2d_X509 to return -1 and be misused as a malloc size parameter...

CVSS 7.5 · EPSS 0.00154
Exploits 0 · References 2
OSV
added 2025/11/24 2:15 p.m. · 1 views

DEBIAN-CVE-2025-65499

Array index error in tls_verify_call_back in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_ex_data_X509_STORE_CTX_idx to return -1...

CVSS 4.3 · AI score 5.3 · EPSS 0.00142
Exploits 0 · References 1
NVD
added 2025/11/24 2:15 p.m. · 1 views

CVE-2025-65499

Array index error in tls_verify_call_back in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_ex_data_X509_STORE_CTX_idx to return -1...

CVSS 4.3 · EPSS 0.00142
Exploits 0 · References 2
Tenable Nessus
added 2025/11/24 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-65495

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer signedness error in tls_verify_call_back in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS...

CVSS 7.5 · AI score 5.8 · EPSS 0.00154
Exploits 0 · References 3
Debian CVE
added 2025/11/24 12:0 a.m. · 5 views

CVE-2025-65495

Integer signedness error in tls_verify_call_back in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2d_X509 to return -1 and be misused as a malloc size parameter...

CVSS 7.5 · AI score 5.3 · EPSS 0.00154
Exploits 0
Cvelist
added 2025/11/24 12:0 a.m. · 5 views

CVE-2025-65499

Array index error in tls_verify_call_back in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_ex_data_X509_STORE_CTX_idx to return -1...

EPSS 0.00142
Exploits 0 · References 2
Cvelist
added 2025/11/24 12:0 a.m. · 4 views

CVE-2025-65495

Integer signedness error in tls_verify_call_back in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2d_X509 to return -1 and be misused as a malloc size parameter...

EPSS 0.00154
Exploits 0 · References 2
CNNVD
added 2025/11/24 12:0 a.m. · 1 views

libcoap security vulnerability

libcoap is a C implementation of a lightweight application protocol open-sourced by obgm. A security vulnerability exists in libcoap version 4.3.5, which stems from an integer sign error in the tls_verify_call_back function in src/coap_openssl.c, which could lead to a denial of service attack...

CVSS 7.5 · AI score 6.3 · EPSS 0.00154
Exploits 0 · References 4
AlpineLinux
added 2025/11/24 12:0 a.m. · 4 views

CVE-2025-65499

Array index error in tls_verify_call_back in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_ex_data_X509_STORE_CTX_idx to return -1...

CVSS 4.3 · AI score 6.4 · EPSS 0.00142
Exploits 0 · References 2
Positive Technologies
added 2025/11/24 12:0 a.m. · 2 views

PT-2025-47909

Integer signedness error in tls_verify_call_back in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2d_X509 to return -1 and be misused as a malloc size parameter...

CVSS 7.5 · AI score 6.7 · EPSS 0.00154
Exploits 0 · References 3
CVE
added 2025/11/24 12:0 a.m. · 6 views

CVE-2025-65499

The CVE-2025-65499 issue affects libcoap 4.3.5, specifically the tls_verify_call_back() path in src/coap_openssl.c. A misindexed array causes SSL_get_ex_data_X509_STORE_CTX_idx() to return -1, enabling a remote attacker to trigger a denial of service during a crafted DTLS handshake. Public adviso...

CVSS 4.3 · AI score 6.3 · EPSS 0.00142
Exploits 0 · References 2 · Affected Software 1
Debian CVE
added 2025/11/24 12:0 a.m. · 5 views

CVE-2025-65499

Array index error in tls_verify_call_back in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_ex_data_X509_STORE_CTX_idx to return -1...

CVSS 4.3 · AI score 5.3 · EPSS 0.00142
Exploits 0