EulerOS Virtualization 2.12.1 : gnutls (EulerOS-SA-2026-1428)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function that handles PKCS11 token initialization...

CLSA-2026-1773682345 Fix CVE(s): CVE-2026-25795

SECURITY UPDATE: null pointer dereference and crash during image reading - debian/patches/CVE-2026-25795.patch: Fix NULL pointer dereference by reordering DestroyImageInfo after copy of filename; cause: Free readinfo before access of readinfo-filename - CVE-2026-25795...

EUVD-2026-12347

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content...

EUVD-2026-12351

libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition...

EUVD-2026-12229

arduino-TuyaOpen before version 1.2.1 contains a null pointer dereference vulnerability in the WiFiUDP component. An attacker on the same local area network can send a large volume of malicious UDP packets to cause memory exhaustion on the device, triggering a null pointer dereference and resulti...

CVE-2026-32776

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content...

CVE-2026-32778

libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition...

CVE-2026-32778

libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition...

ALPINE-CVE-2026-32778

libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition...

ALPINE-CVE-2026-32776

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content...

CVE-2026-32776

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content...

CVE-2026-28522

arduino-TuyaOpen before version 1.2.1 contains a null pointer dereference vulnerability in the WiFiUDP component. An attacker on the same local area network can send a large volume of malicious UDP packets that trigger a null pointer dereference, resulting in a denial-of-service condition...

UBUNTU-CVE-2026-32776

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content...

UBUNTU-CVE-2026-32778

libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition...

CVE-2026-32778

libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition...

CVE-2026-32776

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content...

CVE-2026-32778

A flaw was found in libexpat. This vulnerability allows an attacker to trigger a NULL pointer dereference in the setContext function. This occurs when the system attempts to retry an operation after an out-of-memory condition, which can lead to a Denial of Service DoS for the affected application...

CVE-2026-32776

A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing specially crafted XML content with empty external parameter entities. This could lead to a NULL pointer dereference, causing the application to crash and resulting in a Denial of Service DoS. Mitigation...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the external parameter entity with empty text if referenced inside an entity declaration value processing. An attacker can cause a denial of service by providing empty content to this component. Remediation...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the setContext function on retry after an earlier out-of-memory condition. An attacker can cause a denial of service by triggering a NULL pointer dereference through repeated memory exhaustion scenarios...