63002 matches found
EUVD-2025-210004
A NULL pointer dereference in the gfac4presb4backchannelspresent function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...
CVE-2025-70099
A NULL pointer dereference in the ext4direngetnamelen function in include/ext4dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validate the...
CVE-2025-70099
A NULL pointer dereference in the ext4direngetnamelen function in include/ext4dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validate the...
CVE-2025-60481
A NULL pointer dereference in the gfodfac4cfgdsiv1 function /odf/descriptors.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...
CVE-2025-60483
A NULL pointer dereference in the gfac4presb4backchannelspresent function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...
CVE-2025-60481
A NULL pointer dereference in the gfodfac4cfgdsiv1 function /odf/descriptors.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...
ALSA-2026:22313 Moderate: compat-openssl11 security update
The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: OpenSSL: Denial of Service due to NULL pointer...
CVE-2026-37230
FlexRIC v2.0.0 crashes when the near-RT RIC receives a RICINDICATION message with a ranfuncid that does not exist in its registry. The lookup returns NULL, triggering assert in Debug builds SIGABRT or NULL pointer dereference in Release builds SIGSEGV. A remote unauthenticated attacker can crash...
CVE-2025-60483
A NULL pointer dereference in the gfac4presb4backchannelspresent function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...
PT-2026-45537
Thor Vector Graphics ThorVG is a production-ready vector graphics engine. Prior to version 1.0.5, a null pointer dereference in SvgLoader::run allows any caller that passes untrusted SVG data to Picture::load to crash the process with a 6-byte payload. This issue has been patched in version 1.0.5...
ALSA-2026:22305 Important: php:8.2 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...
whisper.cpp 代码问题漏洞
whisper.cpp is a C language library open sourced by ggml. Versions of whisper.cpp 1.8.2 and earlier contained code vulnerabilities. These vulnerabilities stemmed from incorrect operations in the function whispermodelload located in the file ggml/src/ggml.c, which could lead to null pointer...
ALSA-2026:22312 Moderate: openssl security update
OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing...
ALSA-2026:22314 Moderate: openssl security update
OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing...
ALSA-2026:22140 Important: httpd:2.4 security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd:...
RockyLinux 9 : php:8.3 (RLSA-2026:22142)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:22142 advisory. PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting...
CVE-2025-60481
Summary (useful notes): CVE-2025-60481 affects GPAC Project/MP4Box prior to 26.02.0. The issue is a NULL pointer dereference in the gf_odf_ac4_cfg_dsi_v1 function located in /odf/descriptors.c, which can be triggered by a crafted AC4 file and leads to Denial of Service. Impact is limited to avail...
CVE-2025-60483
GPAC MP4Box versions before 26.02.0 are affected by a NULL pointer dereference in gf_ac4_pres_b_4_back_channels_present (located in /media_tools/av_parsers.c), enabling a DoS via a crafted AC4 file. Connected sources confirm the vulnerable component/function and file, with impact described as Den...
Linux Distros Unpatched Vulnerability : CVE-2025-70116
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 files, an unknown/invalid stsd entry can result in missing descriptor fields e.g.,...
Moderate: compat-openssl11 security update
The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: OpenSSL: Denial of Service due to NULL pointer...