Export limit exceeded: 364799 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364799 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-35215 | 1 Blackberry | 1 Qnx Software Development Platform | 2025-12-01 | 6.2 Medium |
| NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform (SDP) version(s) 7.1 and 7.0 could allow an attacker with local access to cause a denial-of-service condition in the context of the Networking Stack process. | ||||
| CVE-2025-36114 | 1 Ibm | 1 Soar Qradar Plugin App | 2025-12-01 | 6.5 Medium |
| IBM QRadar SOAR Plugin App 1.0.0 through 5.6.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. | ||||
| CVE-2025-13581 | 2 Facebook-julykringcadayona, Itsourcecode | 2 Student Information System, Student Information Management System | 2025-12-01 | 6.3 Medium |
| A vulnerability was identified in itsourcecode Student Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /schedule_edit1.php. Such manipulation of the argument schedule_id leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used. | ||||
| CVE-2024-51723 | 1 Blackberry | 1 Athoc | 2025-12-01 | 4.6 Medium |
| A Stored Cross-Site Scripting (XSS) vulnerability in the Management Console of BlackBerry AtHoc version 7.15 could allow an attacker to potentially execute actions in the context of the victim's session. | ||||
| CVE-2025-65493 | 1 Libcoap | 1 Libcoap | 2025-12-01 | 7.5 High |
| NULL pointer dereference in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS/TLS connection that triggers BIO_get_data() to return NULL. | ||||
| CVE-2025-12766 | 1 Blackberry | 1 Athoc | 2025-12-01 | 5 Medium |
| An Insecure Direct Object Reference (IDOR) vulnerability in the Management Console of BlackBerry® AtHoc® (OnPrem) version 7.21 could allow an attacker to potentially gain unauthorized knowledge about other organizations hosted on the same Interactive Warning System (IWS). | ||||
| CVE-2024-9468 | 1 Paloaltonetworks | 1 Pan-os | 2025-12-01 | 7.5 High |
| A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode. | ||||
| CVE-2025-65494 | 1 Libcoap | 1 Libcoap | 2025-12-01 | 7.5 High |
| NULL pointer dereference in get_san_or_cn_from_cert() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted X.509 certificate that causes sk_GENERAL_NAME_value() to return NULL. | ||||
| CVE-2025-65794 | 2025-12-01 | N/A | ||
| DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | ||||
| CVE-2025-65793 | 2025-12-01 | N/A | ||
| DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | ||||
| CVE-2025-65495 | 1 Libcoap | 1 Libcoap | 2025-12-01 | 7.5 High |
| Integer signedness error in tls_verify_call_back() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2d_X509() to return -1 and be misused as a malloc() size parameter. | ||||
| CVE-2025-65496 | 1 Libcoap | 1 Libcoap | 2025-12-01 | 4.3 Medium |
| NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_SSL_CTX() to return NULL. | ||||
| CVE-2025-65497 | 1 Libcoap | 1 Libcoap | 2025-12-01 | 4.3 Medium |
| NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_SSL_CTX() to return NULL. | ||||
| CVE-2025-65498 | 1 Libcoap | 1 Libcoap | 2025-12-01 | 4.3 Medium |
| NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_SSL_CTX() to return NULL. | ||||
| CVE-2025-65499 | 1 Libcoap | 1 Libcoap | 2025-12-01 | 4.3 Medium |
| Array index error in tls_verify_call_back() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_ex_data_X509_STORE_CTX_idx() to return -1. | ||||
| CVE-2025-65500 | 1 Libcoap | 1 Libcoap | 2025-12-01 | 4.3 Medium |
| NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_SSL_CTX() to return NULL. | ||||
| CVE-2025-65501 | 1 Libcoap | 1 Libcoap | 2025-12-01 | 4.3 Medium |
| Null pointer dereference in coap_dtls_info_callback() in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSL_get_app_data() returns NULL. | ||||
| CVE-2025-60632 | 1 Free5gc | 1 Free5gc | 2025-12-01 | 6.5 Medium |
| An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via crafted POST request to the Npcf_BDTPolicyControl API. | ||||
| CVE-2025-60633 | 1 Free5gc | 1 Free5gc | 2025-12-01 | 6.5 Medium |
| An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via the Nudm_SubscriberDataManagement API. | ||||
| CVE-2025-63601 | 1 Snipeitapp | 1 Snipe-it | 2025-12-01 | 9.9 Critical |
| Snipe-IT before version 8.3.3 contains a remote code execution vulnerability that allows an authenticated attacker to upload a malicious backup file containing arbitrary files and execute system commands. | ||||