How severe is CVE-2025-2173?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2025-2173?

This is classified as CWE-824, which is a common weakness in software security.

CVE-2025-2173

MEDIUM Year: 2025

CVSS v3 Score

5.3

Medium

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-824

View all →

Vulnerability Description

A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbi_strndup_iconv_ucs2 of the file src/conv.c. The manipulation of the argument src_length leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. The patch is identified as 8def647eea27f7fd7ad33ff79c2d6d3e39948dce. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional.

CVE-2006-0054

MEDIUM

CVSS:5.3(Medium)

The ipfw firewall in FreeBSD 6.0-RELEASE allows remote attackers to cause a denial of service (firewall crash) via ICMP IP fragments that match a reset, reject or unreach action, which leads to an acc...

CWE-8242006

CVE-2018-5860

MEDIUM

CVSS:5.5(Medium)

In the MDSS driver in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, a data structure may be used without being initialized correctly.

CWE-8242018

CVE-2019-5693

MEDIUM

CVSS:5.5(Medium)

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) in which the program accesses or uses a pointer that has not been initialized, which m...

CWE-8242019

CVE-2020-1874

MEDIUM

CVSS:5.5(Medium)

NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. The software system access an invalid pointer when...

CWE-8242020

CVE-2020-1875

MEDIUM

CVSS:5.5(Medium)

NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer whe...

CWE-8242020

CVE-2021-41204

MEDIUM

CVSS:5.5(Medium)

TensorFlow is an open source platform for machine learning. In affected versions during TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This resul...

CWE-8242021

CVE-2025-2173

Vulnerability Description

Related Vulnerabilities

CVE-2006-0054

CVE-2018-5860

CVE-2019-5693

CVE-2020-1874

CVE-2020-1875

CVE-2021-41204