ImageMagick 代码问题漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. There were code-related vulnerabilities in versions of ImageMagick prior to 6.9.13-50 and 7.1.2-25. These vulnerabilities stemmed from...

PT-2026-48365

Name of the Vulnerable Software and Affected Versions File Station versions prior to 5.5.6.5208 Description A NULL pointer dereference allows a remote attacker with a user account to launch a denial-of-service DoS attack. A NULL pointer dereference occurs when a program attempts to read or write ...

QNAP Systems QuTS hero 代码问题漏洞

QNAP Systems QuTS hero is a software with data storage and management capabilities developed by QNAP Systems, a company based in Taiwan, China. There is a code vulnerability in QNAP Systems QuTS hero, which stems from a null pointer dereferencing. This vulnerability could allow remote attackers t...

QNAP Systems QTS和QNAP Systems QuTS hero 代码问题漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. There are code-related vulnerabilities in QNAP Systems QTS and QNAP Systems QuTS hero, which stem from null pointer...

ESP-IDF 代码问题漏洞

ESP-IDF is an open-source development framework for Espressif’s Espressif SoC, supported on Windows, Linux, and macOS. Versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0 of ESP-IDF contain code vulnerabilities. These vulnerabilities stem from null pointer dereferencing in the WebSocket sub-protocol...

QNAP Systems多款产品 安全漏洞

QNAP Systems QuTScloud is a product of QNAP Systems. It is a cloud-optimized version of the QNAP NAS operating system. QNAP Systems QTS is software with data storage and management capabilities. QNAP Systems QuTS Hero is also software with data storage and management capabilities. Several product...

QNAP Systems File Station 6 代码问题漏洞

QNAP Systems File Station 6 is a file management software developed by QNAP Systems, a company based in Taiwan, China. There is a code vulnerability in QNAP Systems File Station 6, which stems from a null pointer dereferencing. This vulnerability could allow remote attackers to launch a...

QNAP Systems QTS和QNAP Systems QuTS hero 代码问题漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. There are code-related vulnerabilities in QNAP Systems QTS and QNAP Systems QuTS hero, which stem from null pointer...

PT-2026-48363

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following versions: QTS 5.2.9.3410 build...

PT-2026-48366

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

PT-2026-48352

Name of the Vulnerable Software and Affected Versions ESF-IDF version 5.2.6 ESF-IDF version 5.3.5 ESF-IDF version 5.4.4 ESF-IDF version 5.5.4 ESF-IDF version 6.0 Description A NULL-pointer dereference exists in the WebSocket subprotocol-negotiation path of the esp http server component. During th...

EulerOS 2.0 SP13 : expat (EulerOS-SA-2026-2285)

According to the versions of the expat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.CVE-2026-32778...

Linux Distros Unpatched Vulnerability : CVE-2026-46310

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: renesas: vsp1: Fix NULL pointer deref on module unload When unloading the module on gen 4, we hit a NULL pointer dereference. This is caused by the clean...

Linux Distros Unpatched Vulnerability : CVE-2026-42766

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointe...

EulerOS 2.0 SP13 : binutils (EulerOS-SA-2026-2280)

According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of- bounds read in the bfd linker, allows a...

Linux Distros Unpatched Vulnerability : CVE-2026-42767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact...

PT-2026-48358

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

EulerOS 2.0 SP13 : expat (EulerOS-SA-2026-2328)

According to the versions of the expat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.CVE-2026-32778...

UBUNTU-CVE-2026-9752

An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-winding polygons are intentionally unsupported for indexing, but the guard that rejects them does not...

CVE-2026-9752 GeometryCollection with strict-winding polygon causes server crash during 2dsphere index key generation

An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-winding polygons are intentionally unsupported for indexing, but the guard that rejects them does not...