24h | 7d | 30d

CVE-2025-65501

Overview

  • Pending
24 Nov 2025
Published
24 Nov 2025
Updated
CVSS
Pending
EPSS
0.13%
KEV

Description

Null pointer dereference in coap_dtls_info_callback() in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSL_get_app_data() returns NULL.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 2 hours ago

Bluesky

Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
Important security news for the #openSUSE Tumbleweed community. The libcoap library has received a significant security update, addressing nine documented vulnerabilities (CVE-2025-65493 to CVE-2025-65501). Read more: 👉 tinyurl.com/32r6hmnd #Security
  • 0
  • 1
  • 0
  • 2h ago

CVE-2025-65493

Overview

  • Pending
24 Nov 2025
Published
24 Nov 2025
Updated
CVSS
Pending
EPSS
0.14%
KEV

Description

NULL pointer dereference in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS/TLS connection that triggers BIO_get_data() to return NULL.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 2 hours ago

Bluesky

Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
Important security news for the #openSUSE Tumbleweed community. The libcoap library has received a significant security update, addressing nine documented vulnerabilities (CVE-2025-65493 to CVE-2025-65501). Read more: 👉 tinyurl.com/32r6hmnd #Security
  • 0
  • 1
  • 0
  • 2h ago

CVE-2025-13316

Overview

  • Lynxtechnology
  • Twonky Server
19 Nov 2025
Published
19 Nov 2025
Updated
CVSS v4.0
HIGH (8.2)
EPSS
52.56%
KEV

Description

Twonky Server 8.5.2 on Linux and Windows is vulnerable to a cryptographic flaw, use of hard-coded cryptographic keys. An attacker with knowledge of the encrypted administrator password can decrypt the value with static keys to view the plain text password and gain administrator-level access to Twonky Server.

Statistics

  • 1 Post
Last activity: 11 hours ago

Bluesky

Profile picture
r/blueteamsec bot @r-blueteamsec.bsky.social
CVE-2025-13315, CVE-2025-13316: Critical Twonky Server Authentication Bypass (NOT FIXED)
  • 0
  • 0
  • 0
  • 11h ago

CVE-2025-13315

Overview

  • Lynxtechnology
  • Twonky Server
19 Nov 2025
Published
19 Nov 2025
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
63.26%
KEV

Description

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API authentication controls to leak a log file and read the administrator's username and encrypted password.

Statistics

  • 1 Post
Last activity: 11 hours ago

Bluesky

Profile picture
r/blueteamsec bot @r-blueteamsec.bsky.social
CVE-2025-13315, CVE-2025-13316: Critical Twonky Server Authentication Bypass (NOT FIXED)
  • 0
  • 0
  • 0
  • 11h ago
Showing 11 to 14 of 14 CVEs