Null Pointer Dereference

github.com/emiago/sipgo is vulnerable to a Null pointer dereference. The vulnerability is due to missing nil checks for the To header in the NewResponseFromRequest function, which allows an attacker to exploit it by sending a malformed SIP request without a To header and crash the application...

CVE-2026-6526 NULL Pointer Dereference in Wireshark

RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4...

CVE-2026-6526 NULL Pointer Dereference in Wireshark

RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4...

CVE-2026-6526

The CVE-2026-6526 entry concerns a NULL pointer dereference in the RTSP protocol dissector of Wireshark, affecting versions 4.6.0 through 4.6.4. This crash is the defined impact, with CVSSv3.1 metrics indicating Local attack vector, Low attack complexity, requiring user interaction, and a High av...

CVE-2026-7376 NULL Pointer Dereference in Wireshark

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-7376

The vulnerability CVE-2026-7376 affects the sharkd component of Wireshark, with crashes that can cause denial of service. Affected versions are 4.6.0–4.6.4 and 4.4.0–4.4.14. The available sources (SUSE, Red Hat, NVD, Debian OSV, CVE listings) confirm the crash as the impact. Root cause details ar...

CVE-2026-7376 NULL Pointer Dereference in Wireshark

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

PT-2026-36085

Name of the Vulnerable Software and Affected Versions ASR1903 affected versions not specified Description A NULL pointer dereference in the ims client modules of ASR Lapwing Linux on Linux allows pointer manipulation. This issue is associated with the program file 'sip/utils/src/sipuri.c'. A NULL...

ASR Lapwing_Linux 代码问题漏洞

ASR LapwingLinux is a device firmware developed by ASR Corporation. ASR LapwingLinux has a code vulnerability that stems from a null pointer dereferencing in the imsclient module, which may lead to pointer-related issues...

Medium: openssl

Issue Overview: NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388 Possible NULL dereference when processing CMS KeyAgreeRecipientInfo CVE-2026-28389 Possible NULL dereference when processing CMS KeyTransportRecipientInfo...

Medium: openssl-snapsafe

Issue Overview: NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388 Possible NULL dereference when processing CMS KeyAgreeRecipientInfo CVE-2026-28389 Possible NULL dereference when processing CMS KeyTransportRecipientInfo...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the recvMessageloop process. An attacker can cause the daemon to crash by sending a specially crafted BGP UPDATE message containing an unrecognized Path Attribute marked as "Well-known," which leads to a nil...

JLSEC-2026-348

A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5Cflushsingleentry of the file src/H5Centry.c. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the publi...

JLSEC-2026-336

A vulnerability was found in HDF5 up to 1.14.6 and classified as problematic. This issue affects the function H5Ocachechkserialize of the file src/H5Ocache.c. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public a...

CLSA-2026-1777453307 ntp: Fix of 2 CVEs

CVE-2018-7185: unauthenticated packet with a zero-origin timestamp can reset an authenticated interleave association leading to denial of service. - CVE-2019-8936: NULL pointer dereference triggered by an authenticated mode 6 control packet with no value field...

CLSA-2026-1777397374 Fix CVE(s): CVE-2026-28390

SECURITY UPDATE: A NULL pointer dereference in rsacmsdecrypt when processing CMS messages with RSA-OAEP encryption where pSourceFunc is present but its parameters field is absent can trigger a crash, leading to Denial of Service. - debian/patches/CVE-2026-28390.patch: use X509ALGORget0 and...

Linux Distros Unpatched Vulnerability : CVE-2026-40355

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism...

CVE-2026-31256

A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931n. During the processing of a SETUP request for the path rtsp://:554/stream1/track2, the device fails to properly validate the Transport header field. When this header is...

CVE-2026-40355

A flaw was found in MIT Kerberos 5 krb5. An unauthenticated remote attacker can exploit a NULL pointer dereference vulnerability by calling gssacceptseccontext on a system with a NegoEx mechanism registered. This can lead to the termination of the process, resulting in a Denial of Service DoS...

freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()

A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0...