CVE-2025-48965 – Mbed TLS NULL Pointer Dereference Vulnerability

July 20, 2025

CVE ID : CVE-2025-48965

Published : July 20, 2025, 6:15 p.m. | 5 hours, 2 minutes ago

Description : Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtls_asn1_store_named_data can trigger conflicting data with val.p of NULL but val.len greater than zero.

Severity: 4.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-54316 – Logpoint Jinja Template XSS Vulnerability

Next Article CVE-2025-7904 – iSourcecode Insurance Management System SQL Injection Vulnerability

Highlights

CVE-2025-47945 – Donetick Weak Default JWT Signing Secret in Donetick Task Management App

May 17, 2025

CVE ID : CVE-2025-47945

Published : May 17, 2025, 7:15 p.m. | 1 hour, 6 minutes ago

Description : Donetick an open-source app for managing tasks and chores. Prior to version 0.1.44, the application uses JSON Web Tokens (JWT) for authentication, but the signing secret has a weak default value. While the responsibility is left to the system administrator to change it, this approach is inadequate. The vulnerability is proven by existence of the issue in the live version as well. This issue can result in full account takeover of any user. Version 0.1.44 contains a patch.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

Handling JavaScript Event Listeners With Parameters

ChatGPT now has an agent mode

Scrum Alliance and Kanban University partner to offer new course that teaches both methodologies

Is ChatGPT down? You’re not alone. Here’s what OpenAI is saying

I found a tablet that could replace my iPad and Kindle – and it’s worth every penny

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

Execute Ping Commands and Get Back Structured Data in PHP

Execute Ping Commands and Get Back Structured Data in PHP

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

I Made Kitty Terminal Even More Awesome by Using These 15 Customization Tips and Tweaks

I Made Kitty Terminal Even More Awesome by Using These 15 Customization Tips and Tweaks

Microsoft confirms active cyberattacks on SharePoint servers

How to Manually Check & Install Windows 11 Updates (Best Guide)

CVE-2025-48965 – Mbed TLS NULL Pointer Dereference Vulnerability

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics

OpenBubbles is a cross-platform app ecosystem

Powerful Motion Graphics Frameworks for Developers

Why UX Design Strategy is Crucial for Business Success

Windows 11 should Sherlock this audio app — but I hope it doesn’t

CVE-2025-47945 – Donetick Weak Default JWT Signing Secret in Donetick Task Management App

Does Claim Management Work with AI Automation?

LLMs Create a New Supply Chain Threat: Code Package Hallucinations

CVE-2025-54026 – QuanticaLabs GymBase Theme Classes SQL Injection

CVE-2025-48965 – Mbed TLS NULL Pointer Dereference Vulnerability

Related Posts