
2742 matches found

NVD
added 2025/10/22 6:15 p.m. | 5 views

CVE-2025-60336

A NULL pointer dereference in the sub_41773C function of TOTOLINK N600R v4.3.0cu.7866_B20220506 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request...

7.5 CVSS | 0.01513 EPSS
Exploits 1 | References 1

OSV
added 2025/10/22 6:15 p.m. | 4 views

CVE-2025-60336

A NULL pointer dereference in the sub_41773C function of TOTOLINK N600R v4.3.0cu.7866_B20220506 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request...

7.5 CVSS | 5.8 AI score | 0.01513 EPSS
Exploits 1 | References 1

OSV
added 2025/10/22 4:15 p.m. | 4 views

CVE-2025-60335

A NULL pointer dereference in the main function of TOTOLINK N600R v4.3.0cu.7866_B20220506 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request...

7.5 CVSS | 5.8 AI score | 0.0182 EPSS
Exploits 1 | References 1

IBM Security Bulletins
added 2025/10/22 10:32 a.m. | 20 views

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in h11-0.14.0-py3-none-any.whl CVE-2025-43859

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in h11-0.14.0-py3-none-any.whl CVE-2025-43859 Vulnerability Details CVEID:CVE-2025-43859 DESCRIPTION: h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of...

9.1 CVSS | 7.5 AI score | 0.00522 EPSS
Exploits 0 | Affected Software 1

Cvelist
added 2025/10/22 12:0 a.m. | 5 views

CVE-2025-60335

A NULL pointer dereference in the main function of TOTOLINK N600R v4.3.0cu.7866_B20220506 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request...

0.0182 EPSS
Exploits 1 | References 1

Vulnrichment
added 2025/10/22 12:0 a.m. | 4 views

CVE-2025-60332

A NULL pointer dereference in the SetWLanRadioSettings function of D-Link DIR-823G A1 v1.0.2B05 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request...

6.4 AI score | 0.04092 EPSS
Exploits 1 | References 2

CVE
added 2025/10/22 12:0 a.m. | 8 views

CVE-2025-60336

TOTOLINK N600R affected by a NULL pointer dereference in the sub_41773C function of firmware version 4.3.0cu.7866_B20220506, leading to Denial of Service via a crafted HTTP request. The CVE describes the vulnerability without specifying a fixed version; several sources corroborate a DoS impact, b...

7.5 CVSS | 6.3 AI score | 0.01513 EPSS
Exploits 1 | References 1 | Affected Software 1

CVE
added 2025/10/22 12:0 a.m. | 16 views

CVE-2025-60335

CVE-2025-60335 affects TOTOLINK N600R (v4.3.0cu.7866_B20220506). The main function contains a null pointer dereference that can be triggered by a crafted HTTP request, enabling a Denial of Service. CVSS v3.1 base score 7.5 (HIGH) with network attack vector, no privileges, no user interaction requ...

7.5 CVSS | 6.3 AI score | 0.0182 EPSS
Exploits 1 | References 1 | Affected Software 1

Positive Technologies
added 2025/10/22 12:0 a.m. | 3 views

PT-2025-43376

Name of the Vulnerable Software and Affected Versions TOTOLINK N600R version 4.3.0cu.7866 B20220506 Description A NULL pointer dereference exists in the main function of the software. This allows attackers to cause a Denial of Service DoS by sending a crafted HTTP request. Recommendations Update ...

7.5 CVSS | 6.6 AI score | 0.0182 EPSS
Exploits 1 | References 4

Vulnrichment
added 2025/10/22 12:0 a.m. | 2 views

CVE-2025-60336

A NULL pointer dereference in the sub_41773C function of TOTOLINK N600R v4.3.0cu.7866_B20220506 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request...

6.3 AI score | 0.01513 EPSS
Exploits 1 | References 1

OSV
added 2025/10/17 8:39 p.m. | 6 views

BIT-ASPNET-CORE-2025-55315 ASP.NET Security Feature Bypass Vulnerability

Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network...

9.9 CVSS | 6.9 AI score | 0.66258 EPSS
Exploits 5 | References 4

RedHat Linux
added 2025/10/16 3:40 p.m. | 8 views

dotnet: .NET Security Feature Bypass Vulnerability

A flaw was found in ASP.NET Core’s HTTP request handling that leads to inconsistent interpretation of specially crafted HTTP requests. This mismatch can be abused by an authorized network attacker to smuggle or manipulate request boundaries, allowing bypass of security controls or unintended...

9.9 CVSS | 7.2 AI score | 0.66258 EPSS
Exploits 5 | References 4

OSV
added 2025/10/16 3:11 p.m. | 3 views

USN-7822-1 dotnet8, dotnet9, dotnet10 vulnerabilities

It was discovered that .NET did not properly handle the creation of temporary build time directories. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-55247) It was discovered that .NET did not properly establish TLS sessions for SMTP server connections. An attacker...

9.9 CVSS | 7.2 AI score | 0.66258 EPSS
Exploits 5 | References 4

RedHat Linux
added 2025/10/15 4:33 p.m. | 3 views

dotnet: .NET Security Feature Bypass Vulnerability

A flaw was found in ASP.NET Core’s HTTP request handling that leads to inconsistent interpretation of specially crafted HTTP requests. This mismatch can be abused by an authorized network attacker to smuggle or manipulate request boundaries, allowing bypass of security controls or unintended...

9.9 CVSS | 7.2 AI score | 0.66258 EPSS
Exploits 5 | References 4

EUVD
added 2025/10/15 5:53 a.m. | 8 views

EUVD-2025-34517

A vulnerability exists in certain Dahua embedded products. Third-party malicious attacker with obtained normal user credentials could exploit the vulnerability to access certain data which are restricted to admin privileges, such as system-sensitive files through specific HTTP request. This may...

6.8 CVSS | 6.3 AI score | 0.00275 EPSS
Exploits 1 | References 2

CNVD
added 2025/10/15 12:0 a.m. | 2 views

Tenda W12 Null Pointer Dereference Vulnerability

Tenda W12 is a dual-band Gigabit wireless panelized access point (AP) from Tenda Technology, designed for hotels, villas, large homes and other scenarios, supporting the IEEE802.11ac protocol and the Wave2 standard with 1167Mbps dual-band concurrent rate. A null pointer dereference vulnerability...

7.1 CVSS | 7.1 AI score | 0.00888 EPSS
Exploits 1 | References 1

Positive Technologies
added 2025/10/15 12:0 a.m. | 7 views

PT-2025-42234

Name of the Vulnerable Software and Affected Versions Dahua embedded products affected versions not specified Description A security issue exists in Dahua embedded products. An attacker gaining normal user credentials can potentially access data restricted to administrator privileges, including...

6.8 CVSS | 6.2 AI score | 0.00275 EPSS
Exploits 1 | References 8

AlpineLinux
added 2025/10/14 5:0 p.m. | 2 views

CVE-2025-55315

Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network...

9.9 CVSS | 9.2 AI score | 0.66258 EPSS
Exploits 5

OSV
added 2025/10/14 12:0 a.m. | 0 views

UBUNTU-CVE-2025-55315

Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network...

9.9 CVSS | 7.2 AI score | 0.66258 EPSS
Exploits 5 | References 4

NVD
added 2025/10/13 4:15 a.m. | 2 views

CVE-2025-31994

HCL Unica Campaign 12.1.10 is vulnerable to Reflected Cross-Site Scripting (XSS) where an attacker injects malicious script into an HTTP request, which is then reflected unsafely in the server's immediate response to the victim's browser, executing the script as if it originated from the trusted...

4.3 CVSS | 0.00166 EPSS
Exploits 0 | References 1