Lucene search
+L

4632 matches found

osv
osv
added 2 days ago5 views

MGASA-2026-0253 Updated openssl packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion. CVE-2026-7383 Out-of-Bounds Read in CMS Password-Based Decryption. CVE-2026-9076 Heap Buffer Over-read in ASN.1 Content Parsing. CVE-2026-34180 PKCS12 Files with PBMAC1 Are...

9.1CVSS6.1AI score0.02719EPSS
Exploits0References8
osv
osv
added 3 days ago3 views

RLSA-2026:38492 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: md/bitmap: fix GPF in writepage caused by resize race CVE-2026-43163 kernel: rtmutex: Use waiter::task instead of current in removewaiter CVE-2026-43499 kernel: futex/requeue: Prevent NUL...

7.8CVSS6.2AI score0.00126EPSS
Exploits22References4
vulnrichment
vulnrichment
added 3 days ago6 views

CVE-2026-10670 User-triggerable kernel NULL-pointer dereference (DoS) in `k_thread_name_copy()` syscall verifier

The CONFIGUSERSPACE verification handler for the kthreadnamecopy system call zvrfykthreadnamecopy in kernel/thread.c calls kobjectfind on the caller-supplied thread pointer and then dereferences the returned struct kobject without checking it for NULL. kobjectfind returns NULL whenever the suppli...

5.5CVSS6.2AI score0.001EPSS
Exploits0References2
rocky
rocky
added 3 days ago7 views

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

7.8CVSS6.2AI score0.0014EPSS
Exploits22
redhatcve
redhatcve
added 2026/07/09 2:31 p.m.6 views

CVE-2026-42765

A flaw was found in OpenSSL. When an application is configured with specific non-default settings for certificate verification, including both Online Certificate Status Protocol OCSP response checking and partial chain verification, a NULL dereference can occur. This vulnerability can be triggere...

7.5CVSS7AI score0.00419EPSS
Exploits0References3
osv
osv
added 2026/07/07 11:45 a.m.5 views

PYSEC-2026-1963 TensorFlow vulnerable to seg fault in `tf.raw_ops.Print`

Impact When the parameter summarize of tf.rawops.Print is zero, the new method SummarizeArray will reference to a nullptr, leading to a seg fault. python import tensorflow as tf tf.rawops.Printinput = tf.constant1, 1, 1, 1,dtype=tf.int32, data = False, False, False, False, False, False, False,...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References6
osv
osv
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-961 TensorFlow has null dereference on ParallelConcat with XLA

Impact When running with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. python import tensorflow as tf func = tf.rawops.ParallelConcat para = 'shape': 0, 'values': 1 @tf.functionjitcompile=True def test: y =...

7.5CVSS5.9AI score0.00391EPSS
Exploits0References6
osv
osv
added 2026/07/07 10:17 a.m.6 views

PYSEC-2026-991 TensorFlow vulnerable to null dereference on MLIR on empty function attributes

Impact Eig can be fed an incorrect Tout input, resulting in a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf import numpy as np arg0=tf.constantvalue=np.random.randomsize=2, 2, shape=2, 2, dtype=tf.float32 arg1=tf.complex128 arg2=True arg3=''...

5.9CVSS5.9AI score0.00396EPSS
Exploits0References7
osv
osv
added 2026/07/07 10:17 a.m.6 views

PYSEC-2026-968 TensorFlow vulnerable to null-dereference in `mlir::tfg::GraphDefImporter::ConvertNodeDef`

Impact When mlir::tfg::GraphDefImporter::ConvertNodeDef tries to convert NodeDefs without an op name, it crashes. cpp Status GraphDefImporter::ConvertNodeDefOpBuilder &builder, ConversionState &s, const NodeDef &node VLOG4 opdef; else auto it = functionopdefs.findnode.op; if it ==...

5.9CVSS6AI score0.00547EPSS
Exploits0References8
osv
osv
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-994 TensorFlow vulnerable to null dereference on MLIR on empty function attributes

Impact When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference. cpp // Import the function attributes with a tf. prefix to match the current // infrastructure expectations. for const auto& namedAttr : func.attr const std::string& name =...

5.9CVSS6AI score0.00396EPSS
Exploits0References7
osv
osv
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-966 TensorFlow vulnerable to null-dereference in `mlir::tfg::TFOp::nameAttr`

Impact When mlir::tfg::TFOp::nameAttr receives null type list attributes, it crashes. cpp StatusOr GraphDefImporter::ArgNumTypeconst NamedAttrList &attrs, const OpDef::ArgDef &argdef, SmallVectorImpl &types // Check whether a type list attribute is specified. if !argdef.typelistattr.empty if auto...

5.9CVSS6AI score0.00559EPSS
Exploits0References9
nessus
nessus
added 2026/07/07 12:0 a.m.10 views

MiracleLinux 9 : krb5-1.21.1-10.el9 (AXSA:2026-1204:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-1204:04 advisory. krb5: MIT Kerberos 5 krb5: Denial of Service via integer underflow and out-of-bounds read CVE-2026-40356 krb5: MIT Kerberos 5: Denial of Service via...

7.5CVSS6AI score0.00507EPSS
Exploits2References3
osv
osv
added 2026/07/06 6:31 a.m.5 views

OESA-2026-2872 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. It has been classifie...

5.3CVSS5.2AI score0.00388EPSS
Exploits0References2
osv
osv
added 2026/07/05 10:23 p.m.3 views

CVE-2026-10656 NULL-pointer dereference DoS in MAX32 USB device controller transfer-completion handlers

The MAX32xxx USB device controller driver drivers/usb/udc/udcmax32.c, compatible adimax32usbhs dereferenced an endpoint buffer in its OUT and IN transfer-completion handlers without checking it for NULL. udceventxferoutdone called netbufaddbuf, eprequest-actlen immediately after buf =...

4.6CVSS6.1AI score0.00191EPSS
Exploits1References5
osv
osv
added 2026/07/02 12:1 a.m.3 views

RLSA-2026:34354 Important: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: php-soap: php-src: PHP SOAP extension: Remote Code Execution via use-after-free vulnerability CVE-2026-6722 PHP: PHP: Denial of Service via improper handling of signed characters in ctype...

7.7CVSS7.4AI score0.0078EPSS
Exploits1References7
nessus
nessus
added 2026/07/02 12:0 a.m.4 views

openSUSE 16 Security Update : lrzip (openSUSE-SU-2026:21179-1)

"The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:21179-1 advisory. Changes in lrzip: - Update to version 0.660: Do not clean up thread structures in decompression failure conditions, fixing a use-after-free in...

7.8CVSS6AI score0.00243EPSS
Exploits3References9
nessus
nessus
added 2026/07/02 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53350

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: wmadsp: Fix NULL dereference when removing firmware controls In wmadspcontrolremove check that the priv pointer is not NULL before attempting to cleanup...

6AI score0.00161EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/07/01 4:30 p.m.7 views

CVE-2026-53350

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ASoC Wolfson Microelectronics Audio Digital Signal Processor wmadsp driver. The wmadspcontrolremove function attempts to clean up private control data without verifying if the pointer to this data is null. This can occur whe...

5.5CVSS5.8AI score0.00161EPSS
Exploits0References4
nvd
nvd
added 2026/07/01 2:16 p.m.4 views

CVE-2026-53350

In the Linux kernel, the following vulnerability has been resolved: ASoC: wmadsp: Fix NULL dereference when removing firmware controls In wmadspcontrolremove check that the priv pointer is not NULL before attempting to cleanup what it points to. When csdsp creates a control it calls...

0.00161EPSS
Exploits0References6
cvelist
cvelist
added 2026/07/01 2:9 p.m.42 views

CVE-2026-14324 Pipewire: raop rtsp null deref

RAOP module accepts unbounded Content-Length values and does not check the pwarrayadd return...

6.5CVSS0.00175EPSS
Exploits0References2
Rows per page
Query Builder