CVE-2026-3776 Null pointer dereference in Foxit PDF Editor/Reader when accessing stamp annotation

The application does not validate the presence of required appearance AP data before accessing stamp annotation resources. When a PDF contains a stamp annotation missing its AP entry, the code continues to dereference the associated object without a prior null or validity check, which allows a...

CVE-2026-3776

The application does not validate the presence of required appearance AP data before accessing stamp annotation resources. When a PDF contains a stamp annotation missing its AP entry, the code continues to dereference the associated object without a prior null or validity check, which allows a...

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have security vulnerabilities. These vulnerabilities stem from the lack of verification of the...

CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

PT-2026-29587

Name of the Vulnerable Software and Affected Versions Mbed TLS versions through 3.6.5 and 4.0.0 Description A flaw exists in the distinguished name parsing functionality, leading to a NULL pointer dereference. This can allow an attacker to write to address 0. Recommendations Update to a version...

CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

Medium: firefox

Issue Overview: A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing specially crafted XML content with empty external parameter entities. This could lead to a NULL pointer dereference, causing the application to crash and resulting in a Denial of Service...

SUSE SLES12 Security Update : expat (SUSE-SU-2026:1159-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1159-1 advisory. - CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259726. -...

CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

CVE-2026-34874

Mbed TLS versions affected: up to 3.6.5 and 4.x up to 4.0.0. The issue is a NULL pointer dereference in distinguished name parsing that can allow writing to address 0. This is a concrete vulnerability detail (affected component and root cause) and is described in both the CVE records and CVE List...

ROS-20260401-73-0042

Vulnerability in golang-x-net related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2026-34552

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB issue in IccTagLut.cpp where the code performs member access through a null pointer of type CIccApplyCLUT. This issue has been patched in versio...

CVE-2026-34551

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a null-pointer dereference NPD in CIccTagLut16::Write can be triggered when processing a crafted ICC profile embedded in a TIFF and extracted during iccTiffDump. This issue has...

CVE-2026-34541

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB via a null-pointer member call in CIccCombinedConnectionConditions::CIccCombinedConnectionConditions reported by UBSan as...

CVE-2026-34552 iccDEV: UB at IccTagLut.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB issue in IccTagLut.cpp where the code performs member access through a null pointer of type CIccApplyCLUT. This issue has been patched in versio...

CVE-2026-34552

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB issue in IccTagLut.cpp where the code performs member access through a null pointer of type CIccApplyCLUT. This issue has been patched in versio...

CVE-2026-34552 iccDEV: UB at IccTagLut.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB issue in IccTagLut.cpp where the code performs member access through a null pointer of type CIccApplyCLUT. This issue has been patched in versio...

EUVD-2026-17717

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB issue in IccTagLut.cpp where the code performs member access through a null pointer of type CIccApplyCLUT. This issue has been patched in versio...

CVE-2026-34552

The iccDEV CVE-2026-34552 affects the IccTagLut.cpp path, where a null pointer dereference of type CIccApplyCLUT can trigger Undefined Behavior. This occurs in versions prior to 2.3.1.6 and has been fixed in 2.3.1.6. The issue is rooted in member access through a null pointer in that file, leadin...