Overview
Description
Null pointer dereference in coap_dtls_info_callback() in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSL_get_app_data() returns NULL.
Statistics
- 1 Post
- 1 Interaction
Last activity: 2 hours ago
Overview
Description
NULL pointer dereference in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS/TLS connection that triggers BIO_get_data() to return NULL.
Statistics
- 1 Post
- 1 Interaction
Last activity: 2 hours ago
Overview
- Lynxtechnology
- Twonky Server
19 Nov 2025
Published
19 Nov 2025
Updated
CVSS v4.0
HIGH (8.2)
EPSS
52.56%
KEV
Description
Twonky Server 8.5.2 on Linux and Windows is vulnerable to a cryptographic flaw, use of hard-coded cryptographic keys. An attacker with knowledge of the encrypted administrator password can decrypt the value with static keys to view the plain text password and gain administrator-level access to Twonky Server.
Statistics
- 1 Post
Last activity: 11 hours ago
Overview
- Lynxtechnology
- Twonky Server
19 Nov 2025
Published
19 Nov 2025
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
63.26%
KEV
Description
Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API authentication controls to leak a log file and read the administrator's username and encrypted password.
Statistics
- 1 Post
Last activity: 11 hours ago