CVE-2025-4002 – Apache RefindPlus Local Null Pointer Dereference Vulnerability

April 28, 2025

CVE ID : CVE-2025-4002

Published : April 28, 2025, 5:15 a.m. | 3 hours, 13 minutes ago

Description : A vulnerability was found in RefindPlusRepo RefindPlus 0.14.2.AB and classified as problematic. Affected by this issue is the function GetDebugLogFile of the file Library/MemLogLib/BootLog.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The patch is identified as d2143a1e2deefddd9b105fb7160763c4f8d47ea2. It is recommended to apply a patch to fix this issue.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-13688 – WordPress ASE Password Protection Hardcoded Password Bypass

Next Article CVE-2025-4001 – “Scip File Descriptor Handler Uncontrolled File Descriptor Consumption Vulnerability”

How To Prevent WordPress SQL Injection Attacks

This week in AI dev tools: Apple’s Foundations Model framework, Mistral’s first reasoning model, and more (June 13, 2025)

Open Talent platforms emerging to match skilled workers to needs, study finds

Java never goes out of style: Celebrating 30 years of the language

OneDrive for Mac will soon give you more flexible storage options

From The Editor’s Desk — new Windows Central community features, we’d like to hear from you!

New code strings attached to Xbox Game Pass suggests a price increase may be imminent

This could be the versatile laptop accessory I’ve been waiting for — Here’s why it stands out from other portable monitors

Worker Threads in Node.js: A Complete Guide for Multithreading in JavaScript

Worker Threads in Node.js: A Complete Guide for Multithreading in JavaScript

Everybody’s gone lintin’

QAQ-QQ-AI-QUEST

OneDrive for Mac will soon give you more flexible storage options

OneDrive for Mac will soon give you more flexible storage options

From The Editor’s Desk — new Windows Central community features, we’d like to hear from you!

New code strings attached to Xbox Game Pass suggests a price increase may be imminent

CVE-2025-4002 – Apache RefindPlus Local Null Pointer Dereference Vulnerability

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

Mitel OpenScape Flaw (CVE-2025-23092): High-Severity Path Traversal Allows Admin RCE

CVE-2025-3065 – Apache Database Toolset Remote File Deletion Vulnerability

Optimizing Hybrid IT for Competitive and Environmental Advantage

CVE-2025-4017 – Novel-Plus LogController Java Unauthenticated Remote Authorization Bypass

Molex Dealer and Supplier in India for Networking Solutions

Rilasciata Tails 6.16: Tor Browser e kernel Linux aggiornati

CVE-2025-4124 – Delta Electronics ISPSoft Out-Of-Bounds Write Vulnerability

CVE-2025-4756 – D-Link DI-7003GV2 Denial of Service Vulnerability in restart.asp

TiC-LM: A Web-Scale Benchmark for Time-Continual LLM Pretraining

CVE-2025-4002 – Apache RefindPlus Local Null Pointer Dereference Vulnerability

Related Posts