76 matches found
CVE-2026-57244
After JavaScript resetting the form, the synchronization process lacks re-entry protection and object lifecycle verification, resulting in the failure of the control pointer during the traversal process. After the pointer fails, it still continues to dereference, causing the application to crash...
CVE-2026-57242 Foxit PDF Editor/Reader Page Use-After-Free Vulnerability
The application opens the PDF, and JavaScript modifies the form. However, the related objects on the page lack complete lifecycle management and null value validation; when the page state changes, the application continuously dereferences invalid objects, eventually leading to a crash...
CVE-2026-57242
Technical details are not publicly available in the provided documents for CVE-2026-57242; monitor Foxit security bulletins for updates on affected products, versions, impact, and remediation.
EUVD-2026-42195
After JavaScript resetting the form, the synchronization process lacks re-entry protection and object lifecycle verification, resulting in the failure of the control pointer during the traversal process. After the pointer fails, it still continues to dereference, causing the application to crash...
CVE-2026-57434
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri contains a bug when calling certain methods on allocated-but-uninitialized native wrapper classes that inherit from Nokogiri::XML::Node. This caused a NULL pointer dereference that could...
Astra Linux – Vulnerability in the 389-DS-base
When using a syncrepl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, resulting in a crash...
Astra Linux – Vulnerability in libxslt
A use-after-free vulnerability was discovered in libxslt while parsing XSL nodes, which may lead to the dereferencing of expired pointers and cause the application to crash...
PT-2026-43358
A maliciously crafted PAR file, when parsed through Autodesk 3ds Max, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the application to crash, leading to a denial-of-service condition...
CVE-2026-32134
CVE-2026-32134 affects NanoMQ subinfol is freed/NULL’d before restoration, and the transport iterates it without NULL checks. It is fixed in version 0.24.11; upgrade to that release or later to mitigate. No exploitation details are provided in the available documents.
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the restore process when handling a crafted backup archive containing a valid backup/index.yaml and a malformed legacy backup.yaml file that omits the container section. An attacker can cause the daemon to...
CVE-2026-5590
A race condition during TCP connection teardown can cause tcprecv to operate on a connection that has already been released. If tcpconnsearch returns NULL while processing a SYN packet, a NULL pointer derived from stale context data is passed to tcpbacklogisfull and dereferenced without validatio...
CVE-2026-5590 net: ip/tcp: Null pointer dereference can be triggered by a race condition
A race condition during TCP connection teardown can cause tcprecv to operate on a connection that has already been released. If tcpconnsearch returns NULL while processing a SYN packet, a NULL pointer derived from stale context data is passed to tcpbacklogisfull and dereferenced without validatio...
CLSA-2026-1773682345 Fix CVE(s): CVE-2026-25795
SECURITY UPDATE: null pointer dereference and crash during image reading - debian/patches/CVE-2026-25795.patch: Fix NULL pointer dereference by reordering DestroyImageInfo after copy of filename; cause: Free readinfo before access of readinfo-filename - CVE-2026-25795...
EUVD-2026-10760
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to its availability. Exploitation of this issue...
CVE-2026-27215
Substance3D Painter is affected by a NULL Pointer Dereference leading to denial-of-service in versions 11.1.2 and earlier. The issue requires the user to open a malicious file, and the vulnerability impacts application availability. Remediation per sources (Adobe APSB26-25) is to update to a vers...
CVE-2025-71236
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Validate sp before freeing associated memory System crash with the following signature 154563.214890 nvme nvme2: NVME-FC1: controller connect complete 154564.169363 qla2xxx 0000:b0:00.1-3002:2: nvme: Sched: Set ZIO...
NULL Pointer Dereference
Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
CVE-2025-68379
CVE-2025-68379 — In the Linux kernel, RDMA/rxe may dereference srq->rq.queue after a failed resize during a double ibv_modify_srq() call, causing a NULL pointer crash. The fix resolves null dereference in rxe_srq_chk_attr()/rxe_srq_from_attr() after a failed resize, preventing access to srq-&g...
EUVD-2025-36980
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41getacpimutestate Return value of a function acpievaluatedsm is dereferenced without checking for NULL, but it is usually checked for this function. acpievaluatedsm may...
CVE-2025-61103
A flaw was found in frr. When the OSPF daemon ospfd is configured with the debug command "debug ospf packet all send/recv detail", it attempts to print detailed information about OSPF packets. However, a specially crafted OSPF packet can trigger a NULL pointer dereference in the...