Lucene search
K

4600 matches found

RedhatCVE
RedhatCVE
added 4 days ago6 views

CVE-2026-42765

A flaw was found in OpenSSL. When an application is configured with specific non-default settings for certificate verification, including both Online Certificate Status Protocol OCSP response checking and partial chain verification, a NULL dereference can occur. This vulnerability can be triggere...

7.5CVSS7AI score0.00419EPSS
Exploits0References3
OSV
OSV
added 6 days ago4 views

PYSEC-2026-1963 TensorFlow vulnerable to seg fault in `tf.raw_ops.Print`

Impact When the parameter summarize of tf.rawops.Print is zero, the new method SummarizeArray will reference to a nullptr, leading to a seg fault. python import tensorflow as tf tf.rawops.Printinput = tf.constant1, 1, 1, 1,dtype=tf.int32, data = False, False, False, False, False, False, False,...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References6
OSV
OSV
added 6 days ago3 views

PYSEC-2026-961 TensorFlow has null dereference on ParallelConcat with XLA

Impact When running with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. python import tensorflow as tf func = tf.rawops.ParallelConcat para = 'shape': 0, 'values': 1 @tf.functionjitcompile=True def test: y =...

7.5CVSS5.9AI score0.00391EPSS
Exploits0References6
OSV
OSV
added 6 days ago5 views

PYSEC-2026-968 TensorFlow vulnerable to null-dereference in `mlir::tfg::GraphDefImporter::ConvertNodeDef`

Impact When mlir::tfg::GraphDefImporter::ConvertNodeDef tries to convert NodeDefs without an op name, it crashes. cpp Status GraphDefImporter::ConvertNodeDefOpBuilder &builder, ConversionState &s, const NodeDef &node VLOG4 opdef; else auto it = functionopdefs.findnode.op; if it ==...

5.9CVSS6AI score0.00547EPSS
Exploits0References8
OSV
OSV
added 6 days ago3 views

PYSEC-2026-994 TensorFlow vulnerable to null dereference on MLIR on empty function attributes

Impact When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference. cpp // Import the function attributes with a tf. prefix to match the current // infrastructure expectations. for const auto& namedAttr : func.attr const std::string& name =...

5.9CVSS6AI score0.00396EPSS
Exploits0References7
OSV
OSV
added 6 days ago5 views

PYSEC-2026-991 TensorFlow vulnerable to null dereference on MLIR on empty function attributes

Impact Eig can be fed an incorrect Tout input, resulting in a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf import numpy as np arg0=tf.constantvalue=np.random.randomsize=2, 2, shape=2, 2, dtype=tf.float32 arg1=tf.complex128 arg2=True arg3=''...

5.9CVSS5.9AI score0.00396EPSS
Exploits0References7
OSV
OSV
added 6 days ago3 views

PYSEC-2026-966 TensorFlow vulnerable to null-dereference in `mlir::tfg::TFOp::nameAttr`

Impact When mlir::tfg::TFOp::nameAttr receives null type list attributes, it crashes. cpp StatusOr GraphDefImporter::ArgNumTypeconst NamedAttrList &attrs, const OpDef::ArgDef &argdef, SmallVectorImpl &types // Check whether a type list attribute is specified. if !argdef.typelistattr.empty if auto...

5.9CVSS6AI score0.00559EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 6 days ago9 views

MiracleLinux 9 : krb5-1.21.1-10.el9 (AXSA:2026-1204:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-1204:04 advisory. krb5: MIT Kerberos 5 krb5: Denial of Service via integer underflow and out-of-bounds read CVE-2026-40356 krb5: MIT Kerberos 5: Denial of Service via...

7.5CVSS6AI score0.00501EPSS
Exploits2References3
OSV
OSV
added 2026/07/06 6:31 a.m.5 views

OESA-2026-2872 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. It has been classifie...

5.3CVSS5.2AI score0.00388EPSS
Exploits0References2
OSV
OSV
added 2026/07/02 12:1 a.m.3 views

RLSA-2026:34354 Important: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: php-soap: php-src: PHP SOAP extension: Remote Code Execution via use-after-free vulnerability CVE-2026-6722 PHP: PHP: Denial of Service via improper handling of signed characters in ctype...

7.7CVSS7.4AI score0.0078EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53350

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: wmadsp: Fix NULL dereference when removing firmware controls In wmadspcontrolremove check that the priv pointer is not NULL before attempting to cleanup...

6AI score0.00161EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.4 views

openSUSE 16 Security Update : lrzip (openSUSE-SU-2026:21179-1)

"The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:21179-1 advisory. Changes in lrzip: - Update to version 0.660: Do not clean up thread structures in decompression failure conditions, fixing a use-after-free in...

7.8CVSS6AI score0.00243EPSS
Exploits3References9
RedhatCVE
RedhatCVE
added 2026/07/01 4:30 p.m.7 views

CVE-2026-53350

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ASoC Wolfson Microelectronics Audio Digital Signal Processor wmadsp driver. The wmadspcontrolremove function attempts to clean up private control data without verifying if the pointer to this data is null. This can occur whe...

5.5CVSS5.8AI score0.00161EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/01 2:9 p.m.38 views

CVE-2026-14324 Pipewire: raop rtsp null deref

RAOP module accepts unbounded Content-Length values and does not check the pwarrayadd return...

6.5CVSS0.00175EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 1:32 p.m.6 views

EUVD-2026-40984

In the Linux kernel, the following vulnerability has been resolved: ASoC: wmadsp: Fix NULL dereference when removing firmware controls In wmadspcontrolremove check that the priv pointer is not NULL before attempting to cleanup what it points to. When csdsp creates a control it calls...

5.8AI score0.00161EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/30 11:12 a.m.6 views

php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>

A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...

7.5CVSS5.8AI score0.0078EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53315

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/ras: Fix NULL deref in rascoregetutcsecondtimestamp rascoregetutcsecondtimestamp retrieves the current UTC timestamp in seconds since the Unix epoch...

5.5CVSS6AI score0.00102EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-53316

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/ras: Fix NULL deref in rascorerasinterruptdetected Fixes a NULL pointer dereference when rascore is NULL and rascore-dev is accessed in the error path...

5.5CVSS6AI score0.001EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53298

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine,...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-53324

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: mana: Use pciname for debugfs directory naming Use pcinamepdev for the per-device debugfs directory instead of hardcoded 0 for PFs and pcislotnamepdev-slot...

5.5CVSS6AI score0.00115EPSS
Exploits0References3
Rows per page
Query Builder