Every CVE whose affected-product data names Ntop Ndpi, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2020-11939 — CVSS 9.8 (critical): In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap…
CVE-2020-15475 — CVSS 9.8 (critical): In nDPI through 3.2, ndpi_reset_packet_line_info in lib/ndpi_main.c omits certain reinitialization, leading to a use-after-free.
CVE-2020-15471 — CVSS 9.1 (critical): In nDPI through 3.2, the packet parsing code is vulnerable to a heap-based buffer over-read in ndpi_parse_packet_line_info in…
CVE-2020-15473 — CVSS 9.1 (critical): In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpi_search_openvpn in lib/protocols/openvpn.c.
CVE-2020-15472 — CVSS 9.1 (critical): In nDPI through 3.2, the H.323 dissector is vulnerable to a heap-based buffer over-read in ndpi_search_h323 in lib/protocols/h323.c, as…
CVE-2025-25066 — CVSS 8.1 (high): nDPI through 4.12 has a potential stack-based buffer overflow in ndpi_address_cache_restore in lib/ndpi_cache.c.
CVE-2020-11940 — CVSS 7.5 (high): In nDPI through 3.2 Stable, an out-of-bounds read in concat_hash_string in ssh.c can be exploited by a network-positioned attacker that can…
CVE-2020-15476 — CVSS 7.5 (high): In nDPI through 3.2, the Oracle protocol dissector has a heap-based buffer over-read in ndpi_search_oracle in lib/protocols/oracle.c.