Export limit exceeded: 364799 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364799 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-35215 1 Blackberry 1 Qnx Software Development Platform 2025-12-01 6.2 Medium
NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform (SDP) version(s) 7.1 and 7.0 could allow an attacker with local access to cause a denial-of-service condition in the context of the Networking Stack process.
CVE-2025-36114 1 Ibm 1 Soar Qradar Plugin App 2025-12-01 6.5 Medium
IBM QRadar SOAR Plugin App 1.0.0 through 5.6.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
CVE-2025-13581 2 Facebook-julykringcadayona, Itsourcecode 2 Student Information System, Student Information Management System 2025-12-01 6.3 Medium
A vulnerability was identified in itsourcecode Student Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /schedule_edit1.php. Such manipulation of the argument schedule_id leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used.
CVE-2024-51723 1 Blackberry 1 Athoc 2025-12-01 4.6 Medium
A Stored Cross-Site Scripting (XSS) vulnerability in the Management Console of BlackBerry AtHoc version 7.15 could allow an attacker to potentially execute actions in the context of the victim's session.
CVE-2025-65493 1 Libcoap 1 Libcoap 2025-12-01 7.5 High
NULL pointer dereference in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS/TLS connection that triggers BIO_get_data() to return NULL.
CVE-2025-12766 1 Blackberry 1 Athoc 2025-12-01 5 Medium
An Insecure Direct Object Reference (IDOR) vulnerability in the Management Console of BlackBerry® AtHoc® (OnPrem) version 7.21 could allow an attacker to potentially gain unauthorized knowledge about other organizations hosted on the same Interactive Warning System (IWS).
CVE-2024-9468 1 Paloaltonetworks 1 Pan-os 2025-12-01 7.5 High
A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.
CVE-2025-65494 1 Libcoap 1 Libcoap 2025-12-01 7.5 High
NULL pointer dereference in get_san_or_cn_from_cert() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted X.509 certificate that causes sk_GENERAL_NAME_value() to return NULL.
CVE-2025-65794 2025-12-01 N/A
DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2025-65793 2025-12-01 N/A
DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2025-65495 1 Libcoap 1 Libcoap 2025-12-01 7.5 High
Integer signedness error in tls_verify_call_back() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2d_X509() to return -1 and be misused as a malloc() size parameter.
CVE-2025-65496 1 Libcoap 1 Libcoap 2025-12-01 4.3 Medium
NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_SSL_CTX() to return NULL.
CVE-2025-65497 1 Libcoap 1 Libcoap 2025-12-01 4.3 Medium
NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_SSL_CTX() to return NULL.
CVE-2025-65498 1 Libcoap 1 Libcoap 2025-12-01 4.3 Medium
NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_SSL_CTX() to return NULL.
CVE-2025-65499 1 Libcoap 1 Libcoap 2025-12-01 4.3 Medium
Array index error in tls_verify_call_back() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_ex_data_X509_STORE_CTX_idx() to return -1.
CVE-2025-65500 1 Libcoap 1 Libcoap 2025-12-01 4.3 Medium
NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_SSL_CTX() to return NULL.
CVE-2025-65501 1 Libcoap 1 Libcoap 2025-12-01 4.3 Medium
Null pointer dereference in coap_dtls_info_callback() in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSL_get_app_data() returns NULL.
CVE-2025-60632 1 Free5gc 1 Free5gc 2025-12-01 6.5 Medium
An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via crafted POST request to the Npcf_BDTPolicyControl API.
CVE-2025-60633 1 Free5gc 1 Free5gc 2025-12-01 6.5 Medium
An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via the Nudm_SubscriberDataManagement API.
CVE-2025-63601 1 Snipeitapp 1 Snipe-it 2025-12-01 9.9 Critical
Snipe-IT before version 8.3.3 contains a remote code execution vulnerability that allows an authenticated attacker to upload a malicious backup file containing arbitrary files and execute system commands.