63168 matches found
SUSE CVE-2026-43213
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate sequence number of TX release report Hardware rarely reports abnormal sequence number in TX release report, which will access out-of-bounds of wdring-pages array, causing NULL pointer dereference. BUG:...
SUSE CVE-2026-43271
In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in processmetadataupdate The function processmetadataupdate blindly dereferences the 'thread' pointer acquired via rcudereferenceprotected within the waitevent macro. While the code commen...
CVE-2026-43282
A flaw was found in the Linux kernel's RDMA Remote Direct Memory Access ionic driver. This vulnerability occurs in the ionicqueryport function, where a missing check for the return value of ibdevicegetnetdev can lead to a NULL pointer dereference. A local attacker could potentially exploit this t...
CVE-2026-43271
A flaw was found in the Linux kernel's md-cluster module. During the startup of a multi-device MD array, a race condition can occur where a remote node sends a metadata update message before the system is fully ready to process it. This premature processing leads to a null pointer dereference,...
Tor 代码问题漏洞
Tor is a virtual tunnel network operated by the Tor Project organization. It allows individuals and groups to enhance their privacy and security on the Internet. Versions of Tor prior to 0.4.9.7 contained a code vulnerability caused by a null pointer dereferencing when the CERT unit received data...
PT-2026-39447
Name of the Vulnerable Software and Affected Versions PHP versions 8.2.0 through 8.2.30 PHP versions 8.3.0 through 8.3.30 PHP versions 8.4.0 through 8.4.20 PHP versions 8.5.0 through 8.5.5 Description A mismatch between encoding lists in Oniguruma and mbfl leads to a NULL pointer dereference, whi...
MongoDB Server 代码问题漏洞
MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. Versions of MongoDB Server prior to 8.2 and 8.2.7 contained code vulnerabilities...
PT-2026-38343
Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 8.2.7 Description An authenticated user can cause a denial of service by crashing the mongod process. This occurs when running $rankFusion or $scoreFusion with an empty pipeline on a view. During view resolutio...
GoBGP 代码问题漏洞
GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Version 4.3.0 of GoBGP contains a code vulnerability that arises from a null pointer dereferencing during the processing of malformed BGP UPDATE messages containing unrecognized Well-known path attributes...
GoBGP 代码问题漏洞
GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Version 4.4.0 of GoBGP contains a code vulnerability. This vulnerability arises from unauthenticated remote BGP peers sending specially crafted BGP UPDATE messages. When servers process messages with...
PT-2026-38337
Name of the Vulnerable Software and Affected Versions Tor versions prior to 0.4.9.7 Description A NULL pointer dereference occurs when a CERT cell is received out of order. A NULL pointer dereference is a runtime error that happens when a program attempts to read or write to a memory address that...
CVE-2026-44602
Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006...
Linux Distros Unpatched Vulnerability : CVE-2026-43164
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: udplite: Fix null-ptr-deref in udpenqueuescheduleskb. syzbot reported null-ptr-deref of...
Linux Distros Unpatched Vulnerability : CVE-2026-44602
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006. CVE-2026-44602 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2026-43282
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix potential NULL pointer dereference in ionicqueryport The function...
CLSA-2026-1778111838 httpd: Fix of 9 CVEs
CVE-2026-24072: fix modrewrite apexpr privilege escalation in htaccess - CVE-2026-28780: fix modproxyajp ajpmsgcheckheader buffer over-read - CVE-2026-29169: fix moddavlock NULL pointer dereference - CVE-2026-33006: fix modauthdigest timing attack - CVE-2026-33007: fix modauthnsocache NULL...
CVE-2026-43251
A flaw was found in the Linux kernel's Human Interface Device HID prodikeys driver. A local attacker can exploit this vulnerability by connecting a specially crafted Universal Serial Bus USB device. This device can send a malicious report descriptor, bypassing a necessary check and causing a null...
CLSA-2026-1777942724 vim: Fix of 3 CVEs
CVE-2021-3928: fix reading uninitialized memory in spell suggestions spellsuggest.c - CVE-2022-1616: fix buffer overflow in invalid command with composing chars exdocmd.c - CVE-2022-1620: fix NULL pointer dereference when using invalid pattern buffer.c...
CVE-2026-43207
A flaw was found in the Linux kernel's mtk-mdp media driver. Improper error handling in the probe function could lead to a resource leak. Additionally, a missing check for the return value of vpugetplatdevice could result in a null pointer dereference, potentially causing a system crash and leadi...
CVE-2026-43189
A flaw was found in the v4l2-async component of the Linux kernel. Improper error handling during asynchronous video device matching can lead to a null pointer dereference. This issue could allow a local attacker to trigger a system crash, resulting in a Denial of Service DoS...