GNU LibreDWG 代码问题漏洞

GNU LibreDWG is a C language library for working with DWG files from the US GNU community. A code issue vulnerability exists in GNU LibreDWG version 0.14 and earlier versions, which stems from a null pointer dereference in the dwgnextentity function of the src/decode.c file in the DWG File Handle...

Linux Distros Unpatched Vulnerability : CVE-2026-48829

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This...

OpenEXR -- 3.4.12 fixes multiple vulnerabilities

Cary Phillips reports: The OpenEXR 3.4.12 release addresses the following security vulnerabilities: CVE-2026-45696 OpenEXR htundoimpl heap-buffer-overflow READ via codestream/channel width mismatch in HTJ2K decode CVE-2026-44663 Integer overflow in HTJ2K decoder htundoimpl leading to...

CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

UBUNTU-CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

CVE-2026-48829

Technical details (affected product/versions, root cause, impact, fixes) are not publicly available in the provided documents. Monitor for updates.

CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

EUVD-2026-31562

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

PT-2026-42903

Name of the Vulnerable Software and Affected Versions GNU SASL versions prior to 2.2.3 Description DIGEST-MD5 contains a NULL pointer dereference affecting both clients and servers. This issue occurs in the file lib/digest-md5/getsubopt.c when a known token is provided without an accompanying =...

GNU SASL 代码问题漏洞

GNU SASL is a simple authentication and security layer framework from the GNU community in the United States, which implements several common SASL mechanisms. Versions of GNU SASL prior to 2.2.3 had code vulnerabilities; these vulnerabilities stemmed from a null pointer dereferencing in the...

ROS-20260524-73-0029

Vulnerability in vim related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CLSA-2026-1779533209 NetworkManager: Fix of CVE-2024-6501

CVE-2024-6501: NULL pointer dereference of n-lldprx in nmlldpneighborparse when DEBUG logging is enabled, leading to denial-of-service on malformed LLDP packets...

OESA-2026-2418 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved:mm/mempolicy: fix migratetonode assuming there is at least one VMA in a MMWe currently assume that there is at least one VMA in a MM, which isn ttrue.So we might...

OESA-2026-2402 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users ar...

OESA-2026-2401 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to...

OESA-2026-2400 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users ar...