Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-65495
Integer signedness error in tls_verify_call_back() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2d_X509() to return -1 and be misused as a malloc() size parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-11-24
CVE-2025-65496
NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_SSL_CTX() to return NULL.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-11-24
CVE-2025-65497
NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_SSL_CTX() to return NULL.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-11-24
CVE-2025-65498
NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_SSL_CTX() to return NULL.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-11-24
CVE-2025-65499
Array index error in tls_verify_call_back() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_ex_data_X509_STORE_CTX_idx() to return -1.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-11-24
CVE-2025-65500
NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL_get_SSL_CTX() to return NULL.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-11-24
CVE-2025-65501
Null pointer dereference in coap_dtls_info_callback() in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSL_get_app_data() returns NULL.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-11-24
CVE-2025-65493
NULL pointer dereference in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS/TLS connection that triggers BIO_get_data() to return NULL.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-11-24
CVE-2025-65494
NULL pointer dereference in get_san_or_cn_from_cert() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted X.509 certificate that causes sk_GENERAL_NAME_value() to return NULL.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-11-24
CVE-2025-13586
A flaw has been found in SourceCodester Online Student Clearance System 1.0. Impacted is an unknown function of the file /Admin/changepassword.php. This manipulation of the argument txtconfirm_password causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.
CVSS Score
4.7
EPSS Score
0.0
Published
2025-11-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved