CWE-476
NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
CVE-2025-5867 (GCVE-0-2025-5867)
Vulnerability from cvelistv5 – Published: 2025-06-09 07:31 – Updated: 2025-06-09 18:07
VLAI
Title
RT-Thread lwp_syscall.c csys_sendto null pointer dereference
Summary
A vulnerability classified as critical was found in RT-Thread 5.1.0. This vulnerability affects the function csys_sendto of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument to leads to null pointer dereference.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.311626 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.311626 | signaturepermissions-required |
| https://vuldb.com/?submit.584129 | third-party-advisory |
| https://github.com/RT-Thread/rt-thread/issues/10299 | issue-tracking |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5867",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T18:07:29.087776Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T18:07:33.138Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RT-Thread",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Zephyr Saxon (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in RT-Thread 5.1.0. This vulnerability affects the function csys_sendto of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument to leads to null pointer dereference."
},
{
"lang": "de",
"value": "In RT-Thread 5.1.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Das betrifft die Funktion csys_sendto der Datei rt-thread/components/lwp/lwp_syscall.c. Durch das Manipulieren des Arguments to mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.7,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C/E:ND/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T07:31:04.833Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-311626 | RT-Thread lwp_syscall.c csys_sendto null pointer dereference",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.311626"
},
{
"name": "VDB-311626 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.311626"
},
{
"name": "Submit #584129 | RT-Thread 5.1.0 Improper Handling of Parameters",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.584129"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/10299"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-08T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-08T19:41:45.000Z",
"value": "VulDB entry last update"
}
],
"title": "RT-Thread lwp_syscall.c csys_sendto null pointer dereference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5867",
"datePublished": "2025-06-09T07:31:04.833Z",
"dateReserved": "2025-06-08T17:36:32.580Z",
"dateUpdated": "2025-06-09T18:07:33.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-59148 (GCVE-0-2025-59148)
Vulnerability from cvelistv5 – Published: 2025-10-01 19:51 – Updated: 2025-10-01 19:58
VLAI
Title
Suricata's improper use of entropy keyword can lead to a NULL-ptr deref
Summary
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 8.0.0 and below incorrectly handle the entropy keyword when not anchored to a "sticky" buffer, which can lead to a segmentation fault. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules using the entropy keyword, or validate they are anchored to a sticky buffer.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/OISF/suricata/security/advisor… | x_refsource_CONFIRM |
| https://github.com/OISF/suricata/commit/9f32550e1… | x_refsource_MISC |
| https://forum.suricata.io/t/suricata-8-0-1-and-7-… | x_refsource_MISC |
| https://redmine.openinfosecfoundation.org/issues/7838 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59148",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-01T19:58:02.145694Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T19:58:13.158Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "suricata",
"vendor": "OISF",
"versions": [
{
"status": "affected",
"version": "\u003c 8.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 8.0.0 and below incorrectly handle the entropy keyword when not anchored to a \"sticky\" buffer, which can lead to a segmentation fault. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules using the entropy keyword, or validate they are anchored to a sticky buffer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T19:51:27.388Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OISF/suricata/security/advisories/GHSA-5qf6-92xg-3rr3",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-5qf6-92xg-3rr3"
},
{
"name": "https://github.com/OISF/suricata/commit/9f32550e18f97ea5d610dd7c36aab0ba142c096c",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/9f32550e18f97ea5d610dd7c36aab0ba142c096c"
},
{
"name": "https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018",
"tags": [
"x_refsource_MISC"
],
"url": "https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/7838",
"tags": [
"x_refsource_MISC"
],
"url": "https://redmine.openinfosecfoundation.org/issues/7838"
}
],
"source": {
"advisory": "GHSA-5qf6-92xg-3rr3",
"discovery": "UNKNOWN"
},
"title": "Suricata\u0027s improper use of entropy keyword can lead to a NULL-ptr deref"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-59148",
"datePublished": "2025-10-01T19:51:27.388Z",
"dateReserved": "2025-09-09T15:23:16.326Z",
"dateUpdated": "2025-10-01T19:58:13.158Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-59150 (GCVE-0-2025-59150)
Vulnerability from cvelistv5 – Published: 2025-10-01 20:23 – Updated: 2025-10-23 13:12
VLAI
Title
Suricata: Keyword tls.subjectaltname can lead to NULL-ptr deref
Summary
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Version 8.0.0's usage of the tls.subjectaltname keyword can lead to a segmentation fault when the decoded subjectaltname contains a NULL byte. This issue is fixed in version 8.0.1. To workaround this issue, disable rules using the tls.subjectaltname keyword.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://github.com/OISF/suricata/security/advisor… | x_refsource_CONFIRM |
| https://github.com/OISF/suricata/commit/d590fdfe4… | x_refsource_MISC |
| https://forum.suricata.io/t/suricata-8-0-1-and-7-… | x_refsource_MISC |
| https://redmine.openinfosecfoundation.org/issues/7881 | x_refsource_MISC |
| https://www.vicarius.io/vsociety/posts/cve-2025-5… | |
| https://www.vicarius.io/vsociety/posts/cve-2025-5… |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59150",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-02T15:39:20.519524Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-02T15:54:30.373Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-10-23T13:12:27.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2025-59150-suricata-detection-script"
},
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2025-59150-suricata-mitigation-script"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"product": "suricata",
"vendor": "OISF",
"versions": [
{
"status": "affected",
"version": "\u003e= 8.0.0, \u003c 8.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Version 8.0.0\u0027s usage of the tls.subjectaltname keyword can lead to a segmentation fault when the decoded subjectaltname contains a NULL byte. This issue is fixed in version 8.0.1. To workaround this issue, disable rules using the tls.subjectaltname keyword."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T20:24:28.157Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OISF/suricata/security/advisories/GHSA-mhv7-qfmj-m3f3",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-mhv7-qfmj-m3f3"
},
{
"name": "https://github.com/OISF/suricata/commit/d590fdfe42e995fd558315f0c24f9a352e21479d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/d590fdfe42e995fd558315f0c24f9a352e21479d"
},
{
"name": "https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018",
"tags": [
"x_refsource_MISC"
],
"url": "https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/7881",
"tags": [
"x_refsource_MISC"
],
"url": "https://redmine.openinfosecfoundation.org/issues/7881"
}
],
"source": {
"advisory": "GHSA-mhv7-qfmj-m3f3",
"discovery": "UNKNOWN"
},
"title": "Suricata: Keyword tls.subjectaltname can lead to NULL-ptr deref"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-59150",
"datePublished": "2025-10-01T20:23:54.207Z",
"dateReserved": "2025-09-09T15:23:16.326Z",
"dateUpdated": "2025-10-23T13:12:27.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-59351 (GCVE-0-2025-59351)
Vulnerability from cvelistv5 – Published: 2025-09-17 19:46 – Updated: 2025-09-18 17:42
VLAI
Title
Dragonfly possibly panics due to nil pointer dereference when using variables created alongside an error
Summary
Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the first return value of a function is dereferenced even when the function returns an error. This can result in a nil dereference, and cause code to panic. This vulnerability is fixed in 2.1.0.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/dragonflyoss/dragonfly/securit… | x_refsource_CONFIRM |
| https://github.com/dragonflyoss/dragonfly/blob/ma… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| dragonflyoss | dragonfly |
Affected:
< 2.1.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59351",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-18T17:42:28.918788Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-18T17:42:35.283Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "dragonfly",
"vendor": "dragonflyoss",
"versions": [
{
"status": "affected",
"version": "\u003c 2.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the first return value of a function is dereferenced even when the function returns an error. This can result in a nil dereference, and cause code to panic. This vulnerability is fixed in 2.1.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.7,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T19:46:41.322Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dragonflyoss/dragonfly/security/advisories/GHSA-4mhv-8rh3-4ghw",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dragonflyoss/dragonfly/security/advisories/GHSA-4mhv-8rh3-4ghw"
},
{
"name": "https://github.com/dragonflyoss/dragonfly/blob/main/docs/security/dragonfly-comprehensive-report-2023.pdf",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dragonflyoss/dragonfly/blob/main/docs/security/dragonfly-comprehensive-report-2023.pdf"
}
],
"source": {
"advisory": "GHSA-4mhv-8rh3-4ghw",
"discovery": "UNKNOWN"
},
"title": "Dragonfly possibly panics due to nil pointer dereference when using variables created alongside an error"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-59351",
"datePublished": "2025-09-17T19:46:41.322Z",
"dateReserved": "2025-09-12T12:36:24.637Z",
"dateUpdated": "2025-09-18T17:42:35.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-59386 (GCVE-0-2025-59386)
Vulnerability from cvelistv5 – Published: 2026-02-11 12:16 – Updated: 2026-02-27 14:27
VLAI
Title
QuTS hero
Summary
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following version:
QuTS hero h5.3.2.3354 build 20251225 and later
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QuTS hero |
Affected:
h5.3.x , < h5.3.2.3354 build 20251225
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59386",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-11T15:49:04.721422Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T14:27:34.202Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QuTS hero",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "h5.3.2.3354 build 20251225",
"status": "affected",
"version": "h5.3.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "coral"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQuTS hero h5.3.2.3354 build 20251225 and later\u003cbr\u003e"
}
],
"value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following version:\nQuTS hero h5.3.2.3354 build 20251225 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-129",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-129"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 1.2,
"baseSeverity": "LOW",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T12:16:19.698Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-26-08"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQuTS hero h5.3.2.3354 build 20251225 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQuTS hero h5.3.2.3354 build 20251225 and later"
}
],
"source": {
"advisory": "QSA-26-08",
"discovery": "EXTERNAL"
},
"title": "QuTS hero",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2025-59386",
"datePublished": "2026-02-11T12:16:19.698Z",
"dateReserved": "2025-09-15T08:35:00.660Z",
"dateUpdated": "2026-02-27T14:27:34.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59537 (GCVE-0-2025-59537)
Vulnerability from cvelistv5 – Published: 2025-10-01 21:01 – Updated: 2025-10-02 15:54
VLAI
Title
argo-cd is vulnerable to unauthenticated DoS attack via malformed Gogs webhook payload
Summary
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD’s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/argoproj/argo-cd/security/advi… | x_refsource_CONFIRM |
| https://github.com/argoproj/argo-cd/commit/761fc2… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59537",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-02T15:35:13.081671Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-02T15:54:17.919Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "argo-cd",
"vendor": "argoproj",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.2.0, \u003c= 1.8.7"
},
{
"status": "affected",
"version": "\u003e= 2.0.0-rc1, \u003c 2.14.20"
},
{
"status": "affected",
"version": "\u003e= 3.2.0-rc1, \u003c 3.2.0-rc2"
},
{
"status": "affected",
"version": "\u003e= 3.1.0-rc1, \u003c 3.1.8"
},
{
"status": "affected",
"version": "\u003e= 3.0.0-rc1, \u003c 3.0.19"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD\u2019s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T21:01:36.519Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2"
},
{
"name": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43"
}
],
"source": {
"advisory": "GHSA-wp4p-9pxh-cgx2",
"discovery": "UNKNOWN"
},
"title": "argo-cd is vulnerable to unauthenticated DoS attack via malformed Gogs webhook payload"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-59537",
"datePublished": "2025-10-01T21:01:36.519Z",
"dateReserved": "2025-09-17T17:04:20.373Z",
"dateUpdated": "2025-10-02T15:54:17.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-59604 (GCVE-0-2025-59604)
Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:56
VLAI
Title
NULL Pointer Dereference in SPS Applications
Summary
Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
AR8035
Affected: Cologne Affected: CSRA6620 Affected: CSRA6640 Affected: FastConnect 6200 Affected: FastConnect 6700 Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: FWA Gen 3 Ultra Platform Affected: G1 Gen 1 Affected: G2 Gen 1 Affected: IQ6 Series Platform Affected: IQ8 Series Platform Affected: IQ9 Series Platform Affected: LeMans_AU_LGIT Affected: LeMansAU Affected: Milos Affected: Monaco_IOT Affected: Netrani Affected: Orne Affected: Palawan25 Affected: Pandeiro Affected: QAM8255P Affected: QAM8295P Affected: QAM8620P Affected: QAMSRV1H Affected: QAMSRV1M Affected: QCA0000 Affected: QCA6174A Affected: QCA6391 Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6584AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6678AQ Affected: QCA6688AQ Affected: QCA6696 Affected: QCA6698AQ Affected: QCA6698AU Affected: QCA6797AQ Affected: QCA8081 Affected: QCA8337 Affected: QCA8695AU Affected: QCC710 Affected: QCM2290 Affected: QCM4325 Affected: QCM4490 Affected: QCM5430 Affected: QCM6125 Affected: QCM6490 Affected: QCN6024 Affected: QCN6224 Affected: QCN6274 Affected: QCN9011 Affected: QCN9012 Affected: QCN9024 Affected: QCS2290 Affected: QCS4290 Affected: QCS4490 Affected: QCS8550 Affected: QDX1010 Affected: QDX1011 Affected: QEP8111 Affected: QFW7114 Affected: QFW7124 Affected: QLN1083BD Affected: QLN1086BD Affected: QMP1000 Affected: QPA1083BD Affected: QPA1086BD Affected: QRU1032 Affected: Qualcomm Dragonwing QRU100 Platform Affected: Qualcomm Dragonwing X100 Accelerator Card Affected: Qualcomm Video Collaboration VC1 Platform Affected: Qualcomm Video Collaboration VC3 Platform Affected: QXM1093 Affected: QXM1094 Affected: QXM1095 Affected: QXM1096 Affected: Robotics RB2 Platform Affected: SA4150P Affected: SA4155P Affected: SA6145P Affected: SA6150P Affected: SA6155P Affected: SA7255P Affected: SA7775P Affected: SA8145P Affected: SA8150P Affected: SA8155P Affected: SA8195P Affected: SA8255P Affected: SA8295P Affected: SA8540P Affected: SA8620P Affected: SA8770P Affected: SA9000P Affected: SAR1250P Affected: SAR2130P Affected: SAR2230P Affected: SC8380XP Affected: SD 8 Gen1 5G Affected: SD662 Affected: SD865 5G Affected: SDX61 Affected: SM6225P Affected: SM6650P Affected: SM7250P Affected: SM7325P Affected: SM7435 Affected: SM7550 Affected: SM7550P Affected: SM7635P Affected: SM7675 Affected: SM7675P Affected: SM8475P Affected: SM8550P Affected: SM8635 Affected: SM8635P Affected: SM8650Q Affected: SM8750P Affected: Snapdragon 4 Gen 1 Mobile Platform Affected: Snapdragon 4 Gen 2 Mobile Platform Affected: Snapdragon 460 Mobile Platform Affected: Snapdragon 480 5G Mobile Platform Affected: Snapdragon 480+ 5G Mobile Platform Affected: Snapdragon 6 Gen 1 Mobile Platform Affected: Snapdragon 6 Gen 3 Mobile Platform Affected: Snapdragon 6 Gen 4 Mobile Platform Affected: Snapdragon 662 Mobile Platform Affected: Snapdragon 680 4G Mobile Platform Affected: Snapdragon 685 4G Mobile Platform Affected: Snapdragon 690 5G Mobile Platform Affected: Snapdragon 695 5G Mobile Platform Affected: Snapdragon 7 Gen 1 Mobile Platform Affected: Snapdragon 7+ Gen 2 Mobile Platform Affected: Snapdragon 720G Mobile Platform Affected: Snapdragon 765 5G Mobile Platform Affected: Snapdragon 765G 5G Mobile Platform Affected: Snapdragon 768G 5G Mobile Platform Affected: Snapdragon 778G 5G Mobile Platform Affected: Snapdragon 778G+ 5G Mobile Platform Affected: Snapdragon 782G Mobile Platform Affected: Snapdragon 7c+ Gen 3 Compute Affected: Snapdragon 7s Gen 3 Mobile Platform Affected: Snapdragon 8 Elite Affected: Snapdragon 8 Gen 1 Mobile Platform Affected: Snapdragon 8 Gen 2 Mobile Platform Affected: Snapdragon 8 Gen 3 Mobile Platform Affected: Snapdragon 8+ Gen 1 Mobile Platform Affected: Snapdragon 8+ Gen 2 Mobile Platform Affected: Snapdragon 865 5G Mobile Platform Affected: Snapdragon 865+ 5G Mobile Platform Affected: Snapdragon 870 5G Mobile Platform Affected: Snapdragon 888 5G Mobile Platform Affected: Snapdragon 888+ 5G Mobile Platform Affected: Snapdragon 8cx Gen 3 Compute Platform Affected: Snapdragon AR1 Gen 1 Platform Affected: Snapdragon Auto 5G Modem-RF Gen 2 Affected: Snapdragon W5+ Gen 1 Wearable Platform Affected: Snapdragon X32 5G Modem-RF System Affected: Snapdragon X35 5G Modem-RF System Affected: Snapdragon X53 5G Modem-RF System Affected: Snapdragon X55 5G Modem-RF System Affected: Snapdragon X65 5G Modem-RF System Affected: Snapdragon X72 5G Modem-RF System Affected: Snapdragon X75 5G Modem-RF System Affected: Snapdragon XR2 5G Platform Affected: Snapdragon XR2+ Gen 1 Platform Affected: SRV1H Affected: SRV1L Affected: SRV1M Affected: SW5100 Affected: SW5100P Affected: SXR2230P Affected: SXR2250P Affected: SXR2330P Affected: SXR2350P Affected: WCD9335 Affected: WCD9340 Affected: WCD9370 Affected: WCD9371 Affected: WCD9375 Affected: WCD9378 Affected: WCD9378C Affected: WCD9380 Affected: WCD9385 Affected: WCD9390 Affected: WCD9395 Affected: WCN3910 Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WCN6650 Affected: WCN6755 Affected: WCN7860 Affected: WCN7861 Affected: WCN7880 Affected: WCN7881 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H Affected: X2000077 Affected: X2000086 Affected: X2000090 Affected: X2000092 Affected: X2000094 Affected: XG101002 Affected: XG101032 Affected: XG101039 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59604",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-02T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T03:56:00.464Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Auto",
"Snapdragon CCW",
"Snapdragon Compute",
"Snapdragon Consumer IOT",
"Snapdragon Industrial IOT",
"Snapdragon Mobile",
"Snapdragon WBC",
"Snapdragon Wearables"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "AR8035"
},
{
"status": "affected",
"version": "Cologne"
},
{
"status": "affected",
"version": "CSRA6620"
},
{
"status": "affected",
"version": "CSRA6640"
},
{
"status": "affected",
"version": "FastConnect 6200"
},
{
"status": "affected",
"version": "FastConnect 6700"
},
{
"status": "affected",
"version": "FastConnect 6800"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "FWA Gen 3 Ultra Platform"
},
{
"status": "affected",
"version": "G1 Gen 1"
},
{
"status": "affected",
"version": "G2 Gen 1"
},
{
"status": "affected",
"version": "IQ6 Series Platform"
},
{
"status": "affected",
"version": "IQ8 Series Platform"
},
{
"status": "affected",
"version": "IQ9 Series Platform"
},
{
"status": "affected",
"version": "LeMans_AU_LGIT"
},
{
"status": "affected",
"version": "LeMansAU"
},
{
"status": "affected",
"version": "Milos"
},
{
"status": "affected",
"version": "Monaco_IOT"
},
{
"status": "affected",
"version": "Netrani"
},
{
"status": "affected",
"version": "Orne"
},
{
"status": "affected",
"version": "Palawan25"
},
{
"status": "affected",
"version": "Pandeiro"
},
{
"status": "affected",
"version": "QAM8255P"
},
{
"status": "affected",
"version": "QAM8295P"
},
{
"status": "affected",
"version": "QAM8620P"
},
{
"status": "affected",
"version": "QAMSRV1H"
},
{
"status": "affected",
"version": "QAMSRV1M"
},
{
"status": "affected",
"version": "QCA0000"
},
{
"status": "affected",
"version": "QCA6174A"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6574"
},
{
"status": "affected",
"version": "QCA6574A"
},
{
"status": "affected",
"version": "QCA6574AU"
},
{
"status": "affected",
"version": "QCA6584AU"
},
{
"status": "affected",
"version": "QCA6595"
},
{
"status": "affected",
"version": "QCA6595AU"
},
{
"status": "affected",
"version": "QCA6678AQ"
},
{
"status": "affected",
"version": "QCA6688AQ"
},
{
"status": "affected",
"version": "QCA6696"
},
{
"status": "affected",
"version": "QCA6698AQ"
},
{
"status": "affected",
"version": "QCA6698AU"
},
{
"status": "affected",
"version": "QCA6797AQ"
},
{
"status": "affected",
"version": "QCA8081"
},
{
"status": "affected",
"version": "QCA8337"
},
{
"status": "affected",
"version": "QCA8695AU"
},
{
"status": "affected",
"version": "QCC710"
},
{
"status": "affected",
"version": "QCM2290"
},
{
"status": "affected",
"version": "QCM4325"
},
{
"status": "affected",
"version": "QCM4490"
},
{
"status": "affected",
"version": "QCM5430"
},
{
"status": "affected",
"version": "QCM6125"
},
{
"status": "affected",
"version": "QCM6490"
},
{
"status": "affected",
"version": "QCN6024"
},
{
"status": "affected",
"version": "QCN6224"
},
{
"status": "affected",
"version": "QCN6274"
},
{
"status": "affected",
"version": "QCN9011"
},
{
"status": "affected",
"version": "QCN9012"
},
{
"status": "affected",
"version": "QCN9024"
},
{
"status": "affected",
"version": "QCS2290"
},
{
"status": "affected",
"version": "QCS4290"
},
{
"status": "affected",
"version": "QCS4490"
},
{
"status": "affected",
"version": "QCS8550"
},
{
"status": "affected",
"version": "QDX1010"
},
{
"status": "affected",
"version": "QDX1011"
},
{
"status": "affected",
"version": "QEP8111"
},
{
"status": "affected",
"version": "QFW7114"
},
{
"status": "affected",
"version": "QFW7124"
},
{
"status": "affected",
"version": "QLN1083BD"
},
{
"status": "affected",
"version": "QLN1086BD"
},
{
"status": "affected",
"version": "QMP1000"
},
{
"status": "affected",
"version": "QPA1083BD"
},
{
"status": "affected",
"version": "QPA1086BD"
},
{
"status": "affected",
"version": "QRU1032"
},
{
"status": "affected",
"version": "Qualcomm Dragonwing QRU100 Platform"
},
{
"status": "affected",
"version": "Qualcomm Dragonwing X100 Accelerator Card"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC1 Platform"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC3 Platform"
},
{
"status": "affected",
"version": "QXM1093"
},
{
"status": "affected",
"version": "QXM1094"
},
{
"status": "affected",
"version": "QXM1095"
},
{
"status": "affected",
"version": "QXM1096"
},
{
"status": "affected",
"version": "Robotics RB2 Platform"
},
{
"status": "affected",
"version": "SA4150P"
},
{
"status": "affected",
"version": "SA4155P"
},
{
"status": "affected",
"version": "SA6145P"
},
{
"status": "affected",
"version": "SA6150P"
},
{
"status": "affected",
"version": "SA6155P"
},
{
"status": "affected",
"version": "SA7255P"
},
{
"status": "affected",
"version": "SA7775P"
},
{
"status": "affected",
"version": "SA8145P"
},
{
"status": "affected",
"version": "SA8150P"
},
{
"status": "affected",
"version": "SA8155P"
},
{
"status": "affected",
"version": "SA8195P"
},
{
"status": "affected",
"version": "SA8255P"
},
{
"status": "affected",
"version": "SA8295P"
},
{
"status": "affected",
"version": "SA8540P"
},
{
"status": "affected",
"version": "SA8620P"
},
{
"status": "affected",
"version": "SA8770P"
},
{
"status": "affected",
"version": "SA9000P"
},
{
"status": "affected",
"version": "SAR1250P"
},
{
"status": "affected",
"version": "SAR2130P"
},
{
"status": "affected",
"version": "SAR2230P"
},
{
"status": "affected",
"version": "SC8380XP"
},
{
"status": "affected",
"version": "SD 8 Gen1 5G"
},
{
"status": "affected",
"version": "SD662"
},
{
"status": "affected",
"version": "SD865 5G"
},
{
"status": "affected",
"version": "SDX61"
},
{
"status": "affected",
"version": "SM6225P"
},
{
"status": "affected",
"version": "SM6650P"
},
{
"status": "affected",
"version": "SM7250P"
},
{
"status": "affected",
"version": "SM7325P"
},
{
"status": "affected",
"version": "SM7435"
},
{
"status": "affected",
"version": "SM7550"
},
{
"status": "affected",
"version": "SM7550P"
},
{
"status": "affected",
"version": "SM7635P"
},
{
"status": "affected",
"version": "SM7675"
},
{
"status": "affected",
"version": "SM7675P"
},
{
"status": "affected",
"version": "SM8475P"
},
{
"status": "affected",
"version": "SM8550P"
},
{
"status": "affected",
"version": "SM8635"
},
{
"status": "affected",
"version": "SM8635P"
},
{
"status": "affected",
"version": "SM8650Q"
},
{
"status": "affected",
"version": "SM8750P"
},
{
"status": "affected",
"version": "Snapdragon 4 Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 4 Gen 2 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 460 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 480 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 480+ 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 6 Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 6 Gen 3 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 6 Gen 4 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 662 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 680 4G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 685 4G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 690 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 695 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 7 Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 7+ Gen 2 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 720G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 765 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 765G 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 768G 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 778G 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 778G+ 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 782G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 7c+ Gen 3 Compute"
},
{
"status": "affected",
"version": "Snapdragon 7s Gen 3 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8 Elite"
},
{
"status": "affected",
"version": "Snapdragon 8 Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8 Gen 2 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8 Gen 3 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8+ Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8+ Gen 2 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 865 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 865+ 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 870 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 888 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 888+ 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8cx Gen 3 Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon AR1 Gen 1 Platform"
},
{
"status": "affected",
"version": "Snapdragon Auto 5G Modem-RF Gen 2"
},
{
"status": "affected",
"version": "Snapdragon W5+ Gen 1 Wearable Platform"
},
{
"status": "affected",
"version": "Snapdragon X32 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X35 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X53 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X55 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X65 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X72 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X75 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon XR2 5G Platform"
},
{
"status": "affected",
"version": "Snapdragon XR2+ Gen 1 Platform"
},
{
"status": "affected",
"version": "SRV1H"
},
{
"status": "affected",
"version": "SRV1L"
},
{
"status": "affected",
"version": "SRV1M"
},
{
"status": "affected",
"version": "SW5100"
},
{
"status": "affected",
"version": "SW5100P"
},
{
"status": "affected",
"version": "SXR2230P"
},
{
"status": "affected",
"version": "SXR2250P"
},
{
"status": "affected",
"version": "SXR2330P"
},
{
"status": "affected",
"version": "SXR2350P"
},
{
"status": "affected",
"version": "WCD9335"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9371"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9378"
},
{
"status": "affected",
"version": "WCD9378C"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCD9390"
},
{
"status": "affected",
"version": "WCD9395"
},
{
"status": "affected",
"version": "WCN3910"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3980"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WCN6650"
},
{
"status": "affected",
"version": "WCN6755"
},
{
"status": "affected",
"version": "WCN7860"
},
{
"status": "affected",
"version": "WCN7861"
},
{
"status": "affected",
"version": "WCN7880"
},
{
"status": "affected",
"version": "WCN7881"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
},
{
"status": "affected",
"version": "X2000077"
},
{
"status": "affected",
"version": "X2000086"
},
{
"status": "affected",
"version": "X2000090"
},
{
"status": "affected",
"version": "X2000092"
},
{
"status": "affected",
"version": "X2000094"
},
{
"status": "affected",
"version": "XG101002"
},
{
"status": "affected",
"version": "XG101032"
},
{
"status": "affected",
"version": "XG101039"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T22:05:24.558Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
}
],
"title": "NULL Pointer Dereference in SPS Applications"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2025-59604",
"datePublished": "2026-06-01T22:05:24.558Z",
"dateReserved": "2025-09-18T03:19:23.201Z",
"dateUpdated": "2026-06-03T03:56:00.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59606 (GCVE-0-2025-59606)
Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:55
VLAI
Title
NULL Pointer Dereference in HLOS
Summary
Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
Cologne
Affected: FastConnect 6200 Affected: FastConnect 6700 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: G2 Gen 1 Affected: IQ6 Series Platform Affected: IQ8 Series Platform Affected: IQ9 Series Platform Affected: LeMans_AU_LGIT Affected: LeMansAU Affected: Monaco_IOT Affected: Netrani Affected: Orne Affected: Palawan25 Affected: Pandeiro Affected: QAM8255P Affected: QAM8295P Affected: QAM8620P Affected: QAMSRV1H Affected: QAMSRV1M Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6678AQ Affected: QCA6688AQ Affected: QCA6696 Affected: QCA6698AQ Affected: QCA6797AQ Affected: QCA8695AU Affected: QCM5430 Affected: QCM6490 Affected: QLN1083BD Affected: QLN1086BD Affected: QMP1000 Affected: QPA1083BD Affected: QPA1086BD Affected: Qualcomm Video Collaboration VC3 Platform Affected: QXM1093 Affected: QXM1094 Affected: QXM1095 Affected: QXM1096 Affected: SA6145P Affected: SA6150P Affected: SA6155P Affected: SA7255P Affected: SA7775P Affected: SA8145P Affected: SA8150P Affected: SA8155P Affected: SA8195P Affected: SA8255P Affected: SA8295P Affected: SA8540P Affected: SA8620P Affected: SA8770P Affected: SA9000P Affected: SAR1250P Affected: SAR2230P Affected: SM7435 Affected: SM8750P Affected: Snapdragon 4 Gen 2 Mobile Platform Affected: Snapdragon 6 Gen 1 Mobile Platform Affected: Snapdragon 6 Gen 3 Mobile Platform Affected: Snapdragon 8 Elite Affected: SRV1H Affected: SRV1L Affected: SRV1M Affected: SXR2330P Affected: SXR2350P Affected: WCD9370 Affected: WCD9375 Affected: WCD9378 Affected: WCD9378C Affected: WCD9380 Affected: WCD9385 Affected: WCD9395 Affected: WCN3950 Affected: WCN3988 Affected: WCN6755 Affected: WCN7860 Affected: WCN7861 Affected: WCN7880 Affected: WCN7881 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H Affected: X2000077 Affected: X2000086 Affected: X2000090 Affected: X2000092 Affected: X2000094 Affected: XG101002 Affected: XG101032 Affected: XG101039 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59606",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-02T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T03:55:57.954Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Auto",
"Snapdragon Compute",
"Snapdragon Consumer IOT",
"Snapdragon Industrial IOT",
"Snapdragon Mobile"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "Cologne"
},
{
"status": "affected",
"version": "FastConnect 6200"
},
{
"status": "affected",
"version": "FastConnect 6700"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "G2 Gen 1"
},
{
"status": "affected",
"version": "IQ6 Series Platform"
},
{
"status": "affected",
"version": "IQ8 Series Platform"
},
{
"status": "affected",
"version": "IQ9 Series Platform"
},
{
"status": "affected",
"version": "LeMans_AU_LGIT"
},
{
"status": "affected",
"version": "LeMansAU"
},
{
"status": "affected",
"version": "Monaco_IOT"
},
{
"status": "affected",
"version": "Netrani"
},
{
"status": "affected",
"version": "Orne"
},
{
"status": "affected",
"version": "Palawan25"
},
{
"status": "affected",
"version": "Pandeiro"
},
{
"status": "affected",
"version": "QAM8255P"
},
{
"status": "affected",
"version": "QAM8295P"
},
{
"status": "affected",
"version": "QAM8620P"
},
{
"status": "affected",
"version": "QAMSRV1H"
},
{
"status": "affected",
"version": "QAMSRV1M"
},
{
"status": "affected",
"version": "QCA6574"
},
{
"status": "affected",
"version": "QCA6574A"
},
{
"status": "affected",
"version": "QCA6574AU"
},
{
"status": "affected",
"version": "QCA6595"
},
{
"status": "affected",
"version": "QCA6595AU"
},
{
"status": "affected",
"version": "QCA6678AQ"
},
{
"status": "affected",
"version": "QCA6688AQ"
},
{
"status": "affected",
"version": "QCA6696"
},
{
"status": "affected",
"version": "QCA6698AQ"
},
{
"status": "affected",
"version": "QCA6797AQ"
},
{
"status": "affected",
"version": "QCA8695AU"
},
{
"status": "affected",
"version": "QCM5430"
},
{
"status": "affected",
"version": "QCM6490"
},
{
"status": "affected",
"version": "QLN1083BD"
},
{
"status": "affected",
"version": "QLN1086BD"
},
{
"status": "affected",
"version": "QMP1000"
},
{
"status": "affected",
"version": "QPA1083BD"
},
{
"status": "affected",
"version": "QPA1086BD"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC3 Platform"
},
{
"status": "affected",
"version": "QXM1093"
},
{
"status": "affected",
"version": "QXM1094"
},
{
"status": "affected",
"version": "QXM1095"
},
{
"status": "affected",
"version": "QXM1096"
},
{
"status": "affected",
"version": "SA6145P"
},
{
"status": "affected",
"version": "SA6150P"
},
{
"status": "affected",
"version": "SA6155P"
},
{
"status": "affected",
"version": "SA7255P"
},
{
"status": "affected",
"version": "SA7775P"
},
{
"status": "affected",
"version": "SA8145P"
},
{
"status": "affected",
"version": "SA8150P"
},
{
"status": "affected",
"version": "SA8155P"
},
{
"status": "affected",
"version": "SA8195P"
},
{
"status": "affected",
"version": "SA8255P"
},
{
"status": "affected",
"version": "SA8295P"
},
{
"status": "affected",
"version": "SA8540P"
},
{
"status": "affected",
"version": "SA8620P"
},
{
"status": "affected",
"version": "SA8770P"
},
{
"status": "affected",
"version": "SA9000P"
},
{
"status": "affected",
"version": "SAR1250P"
},
{
"status": "affected",
"version": "SAR2230P"
},
{
"status": "affected",
"version": "SM7435"
},
{
"status": "affected",
"version": "SM8750P"
},
{
"status": "affected",
"version": "Snapdragon 4 Gen 2 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 6 Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 6 Gen 3 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8 Elite"
},
{
"status": "affected",
"version": "SRV1H"
},
{
"status": "affected",
"version": "SRV1L"
},
{
"status": "affected",
"version": "SRV1M"
},
{
"status": "affected",
"version": "SXR2330P"
},
{
"status": "affected",
"version": "SXR2350P"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9378"
},
{
"status": "affected",
"version": "WCD9378C"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCD9395"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WCN6755"
},
{
"status": "affected",
"version": "WCN7860"
},
{
"status": "affected",
"version": "WCN7861"
},
{
"status": "affected",
"version": "WCN7880"
},
{
"status": "affected",
"version": "WCN7881"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
},
{
"status": "affected",
"version": "X2000077"
},
{
"status": "affected",
"version": "X2000086"
},
{
"status": "affected",
"version": "X2000090"
},
{
"status": "affected",
"version": "X2000092"
},
{
"status": "affected",
"version": "X2000094"
},
{
"status": "affected",
"version": "XG101002"
},
{
"status": "affected",
"version": "XG101032"
},
{
"status": "affected",
"version": "XG101039"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T22:05:26.836Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
}
],
"title": "NULL Pointer Dereference in HLOS"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2025-59606",
"datePublished": "2026-06-01T22:05:26.836Z",
"dateReserved": "2025-09-18T03:19:23.201Z",
"dateUpdated": "2026-06-03T03:55:57.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59668 (GCVE-0-2025-59668)
Vulnerability from cvelistv5 – Published: 2025-09-30 04:06 – Updated: 2025-10-31 14:12 Unsupported When Assigned
VLAI
Summary
Multiple versions of Central Monitor CNS-6201 contain a NULL pointer dereference vulnerability. When processing a crafted certain UDP packet, the affected device may abnormally terminate.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-476 - NULL pointer dereference
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NIHON KOHDEN CORPORATION | Central Monitor CNS-6201 |
Affected:
01-03
Affected: 01-04 Affected: 01-05 Affected: 01-06 Affected: 02-10 Affected: 02-11 Affected: and 02-40 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59668",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T15:46:30.521096Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T15:46:39.862Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-10-31T14:12:10.064Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-296-01"
},
{
"url": "https://www.nihonkohden.com/security/main/01112/teaserItems3/0/linkList/0/link/NKcorporateResponse-CNS-6201_CentralMonitor_Vulnerability(CVE-2025-59668)_en_Rev2.pdf"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"product": "Central Monitor CNS-6201",
"vendor": "NIHON KOHDEN CORPORATION",
"versions": [
{
"status": "affected",
"version": "01-03"
},
{
"status": "affected",
"version": "01-04"
},
{
"status": "affected",
"version": "01-05"
},
{
"status": "affected",
"version": "01-06"
},
{
"status": "affected",
"version": "02-10"
},
{
"status": "affected",
"version": "02-11"
},
{
"status": "affected",
"version": "and 02-40"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple versions of Central Monitor CNS-6201 contain a NULL pointer dereference vulnerability. When processing a crafted certain UDP packet, the affected device may abnormally terminate."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL pointer dereference",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T04:06:11.279Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.nihonkohden.com/security.html"
},
{
"url": "https://jvn.jp/en/vu/JVNVU96989989/"
}
],
"tags": [
"unsupported-when-assigned"
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-59668",
"datePublished": "2025-09-30T04:06:11.279Z",
"dateReserved": "2025-09-18T07:00:43.823Z",
"dateUpdated": "2025-10-31T14:12:10.064Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59777 (GCVE-0-2025-59777)
Vulnerability from cvelistv5 – Published: 2025-11-10 04:10 – Updated: 2025-11-10 21:41
VLAI
Summary
NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-476 - NULL pointer dereference
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| GNU Project | GNU libbmicrohttpd |
Affected:
v1.0.2 and earlier (The vulnerability remains in the source code up until commit ff13abc on the master branch of the libmicrohttpd Git repository
Affected: after the v1.0.2 tag.) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59777",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-10T21:40:57.327820Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-10T21:41:04.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "GNU libbmicrohttpd",
"vendor": "GNU Project",
"versions": [
{
"status": "affected",
"version": "v1.0.2 and earlier (The vulnerability remains in the source code up until commit ff13abc on the master branch of the libmicrohttpd Git repository"
},
{
"status": "affected",
"version": "after the v1.0.2 tag.)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL pointer dereference",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-10T04:10:44.836Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.gnu.org/software/libmicrohttpd/"
},
{
"url": "https://git.gnunet.org/libmicrohttpd.git/commit/?id=ff13abc1c1d7d2b30d69d5c0bd4a237e1801c50b"
},
{
"url": "https://jvn.jp/en/jp/JVN76719218/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-59777",
"datePublished": "2025-11-10T04:10:44.836Z",
"dateReserved": "2025-11-03T23:35:54.488Z",
"dateUpdated": "2025-11-10T21:41:04.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation ID: MIT-56
Phase: Implementation
Description:
- For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Phase: Requirements
Description:
- Select a programming language that is not susceptible to these issues.
Mitigation
Phase: Implementation
Description:
- Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Phase: Architecture and Design
Description:
- Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Phase: Implementation
Description:
- Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.