62939 matches found
Null-pointer dereference and double-free via safe APIs
Two soundness violations exist in the Rust bindings for MetaCall: Null-pointer dereference: MetaCallFuture::newraw accepts a raw pointer without validation. The Debug impl calls Box::fromrawself.data on it. Passing a null pointer causes the Debug impl to construct a NonNull from null, producing...
CVE-2026-6525 NULL Pointer Dereference in Wireshark
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4...
CVE-2026-6525 NULL Pointer Dereference in Wireshark
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4...
CVE-2026-6525
Wireshark CVE-2026-6525 refers to a crash in the IEEE 802.11 protocol dissector affecting Wireshark 4.6.0–4.6.4. The issue is a crash (not a memory-safety description) with a CVSSv3.1 base score of 5.5 (MEDIUM). Exploitation is described as LOCAL with user interaction required and impact limited ...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
CVE-2026-31431 AFALG AEAD Local Privilege Escalation Exploi...
CLSA-2026-1777544441 vim: Fix of 13 CVEs
CVE-2021-3796: fix use-after-free in nvreplace by getting the line pointer again after inscopychar may have released it - CVE-2021-3973: fix heap buffer overflow in findfileinpathoption by rejecting len == 0 inputs - CVE-2022-0413: fix use-after-free in dosub when the substitute string is a "="...
CLSA-2026-1777547052 openssl: Fix of CVE-2026-28389
CVE-2026-28389: fix NULL pointer dereference in dhcmssetsharedinfo and ecdhcmssetsharedinfo when the CMS KeyEncryptionAlgorithmIdentifier parameter field is omitted...
CLSA-2026-1777541147 squid34: Fix of 12 CVEs
CVE-2019-12525: fix heap buffer over-read in Digest auth parameter parsing - CVE-2018-1000027: fix NULL pointer dereference in X-Forwarded-For logging for internal transactions - CVE-2018-19131: escape certificate field injection via %D in ERRSECURECONNECTFAIL page - CVE-2018-19132: fix memory...
squid34: Fix of 12 CVEs
CVE-2019-12525: fix heap buffer over-read in Digest auth parameter parsing - CVE-2018-1000027: fix NULL pointer dereference in X-Forwarded-For logging for internal transactions - CVE-2018-19131: escape certificate field injection via %D in ERRSECURECONNECTFAIL page - CVE-2018-19132: fix memory...
libxml2: Fix of 2 CVEs
CVE-2018-14404: fix NULL pointer dereference in xmlXPathCompOpEval when AND/OR operator operates on an empty XPath stack - CVE-2019-19956: fix memory leak in xmlParseBalancedChunkMemoryRecover when parsing NULL doc...
CLSA-2026-1777464764 libxml2: Fix of 2 CVEs
CVE-2018-14404: fix NULL pointer dereference in xmlXPathCompOpEval when AND/OR operator operates on an empty XPath stack - CVE-2019-19956: fix memory leak in xmlParseBalancedChunkMemoryRecover when parsing NULL doc...
ntp: Fix of 2 CVEs
CVE-2018-7185: unauthenticated packet with a zero-origin timestamp can reset an authenticated interleave association leading to denial of service. - CVE-2019-8936: NULL pointer dereference triggered by an authenticated mode 6 control packet with no value field...
CLSA-2026-1777453146 ntp: Fix of 2 CVEs
CVE-2018-7185: unauthenticated packet with a zero-origin timestamp can reset an authenticated interleave association leading to denial of service. - CVE-2019-8936: NULL pointer dereference triggered by an authenticated mode 6 control packet with no value field...
Linux Distros Unpatched Vulnerability : CVE-2026-31727
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uether: Fix NULL pointer deref in ethgetdrvinfo Commit ec35c1969650 usb: gadget...
openSUSE 16 Security Update : libssh (openSUSE-SU-2026:20647-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20647-1 advisory. - Update to version 0.11.4: - CVE-2026-0964: SCP Protocol Path Traversal in sshscppullrequest bsc1258049 - CVE-2026-0965: Possible Denial of...
Linux Distros Unpatched Vulnerability : CVE-2026-43013
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5: lag: Check for LAG device before creating debugfs mlx5lagdevaddmdev may return 0 success even when an error occurs that is handled gracefully...
Linux Distros Unpatched Vulnerability : CVE-2026-31728
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: uether: Fix race between getherdisconnect and ethstop A race condition between getherdisconnect and ethstop leads to a NULL pointer dereference...
Linux Distros Unpatched Vulnerability : CVE-2026-31755
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: cdns3: gadget: fix NULL pointer dereference in epqueue When the gadget endpoint is disabled or not yet configured, the ep-desc pointer can be NULL. This...
CVE-2026-31753
A flaw was found in the Linux kernel, specifically within the auxdisplay and line-display modules. This vulnerability occurs when the linedisprelease function attempts to free display resources. If the associated attachment list has already been removed, the function dereferences a null pointer,...
CVE-2026-31749
A flaw was found in the niatmio16d driver within the Comedi Comedi is a collection of drivers for data acquisition equipment subsystem of the Linux kernel. This vulnerability occurs when an error during the driver's attach process causes the cleanup function atmio16ddetach to be called with...