Lucene search
K

63120 matches found

OSV
OSV
added 2026/02/19 9:17 a.m.6 views

SUSE-SU-2026:20460-1 Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-24.1 fixes various security issues The following security issues were fixed: - CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455. - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers an...

7.4CVSS6.8AI score0.01345EPSS
Exploits8References11
SUSE CVE
SUSE CVE
added 2026/02/19 12:28 a.m.4 views

SUSE CVE-2025-71233

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work completes. The crash...

4.4CVSS5.6AI score0.00118EPSS
Exploits0References7
Amazon
Amazon
added 2026/02/19 12:0 a.m.15 views

Medium: thunderbird

Issue Overview: HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hbmalloc returns NULL before using placement new to construc...

7.8CVSS6AI score0.00377EPSS
Exploits6
Amazon
Amazon
added 2026/02/19 12:0 a.m.9 views

Medium: firefox

Issue Overview: HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hbmalloc returns NULL before using placement new to construc...

7.8CVSS6AI score0.00377EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.5 views

SUSE SLED15: libsoup-2_4-1 / libsoup-2_4-1-32bit / libsoup2-devel / etc (SUSE-SU-2026:0574-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0574-1 advisory. - CVE-2026-1761: incorrect length calculation when parsing of multipart HTTP responses can lead ...

8.6CVSS6.6AI score0.00947EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.8 views

Amazon Linux 2 : openssl-snapsafe, --advisory ALAS2OPENSSL-SNAPSAFE-2026-009 (ALASOPENSSL-SNAPSAFE-2026-009)

The version of openssl-snapsafe installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2OPENSSL-SNAPSAFE-2026-009 advisory. Writing large, newline-free data into a BIO chain using the line-buffering filter where the next...

7.5CVSS5.8AI score0.00844EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.11 views

Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3171 (ALAS-2026-3171)

The version of thunderbird installed on the remote host is prior to 140.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3171 advisory. HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the...

7.8CVSS6.6AI score0.00377EPSS
Exploits6References10
Snyk
Snyk
added 2026/02/18 10:4 p.m.2 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the configinput function. An attacker can cause the application to crash by tricking a victim into processing a specially crafted media file with the Firequalizer filter enabled. Remediation Upgrade ffmpeg t...

6.9CVSS6.3AI score0.00298EPSS
Exploits0References2
OSV
OSV
added 2026/02/18 9:16 p.m.4 views

CVE-2025-10256

A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter libavfilter/affirequalizer.c due to a missing check on the return value of avmallocarray in the configinput function. An attacker could exploit this by tricking a victim into processing a crafted media file with the...

5.5CVSS5.7AI score0.00298EPSS
Exploits0References4
NVD
NVD
added 2026/02/18 9:16 p.m.12 views

CVE-2025-10256

A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter libavfilter/affirequalizer.c due to a missing check on the return value of avmallocarray in the configinput function. An attacker could exploit this by tricking a victim into processing a crafted media file with the...

5.5CVSS0.00298EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/18 8:26 p.m.22 views

CVE-2025-10256 Ffmpeg: null pointer dereference in firequalizer filter (libavfilter/af_firequalizer.c)

A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter libavfilter/affirequalizer.c due to a missing check on the return value of avmallocarray in the configinput function. An attacker could exploit this by tricking a victim into processing a crafted media file with the...

5.3CVSS0.00298EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/02/18 8:26 p.m.2 views

CVE-2025-10256 Ffmpeg: null pointer dereference in firequalizer filter (libavfilter/af_firequalizer.c)

A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter libavfilter/affirequalizer.c due to a missing check on the return value of avmallocarray in the configinput function. An attacker could exploit this by tricking a victim into processing a crafted media file with the...

5.3CVSS6.3AI score0.00298EPSS
Exploits0References4
CVE
CVE
added 2026/02/18 8:26 p.m.34 views

CVE-2025-10256

CVE-2025-10256 affects FFmpeg’s Firequalizer filter (libavfilter/af_firequalizer.c) due to a missing check on av_malloc_array() in config_input(), enabling a NULL pointer dereference that can crash the application (denial of service). Technical details are confirmed across multiple connected sour...

5.5CVSS6.4AI score0.00298EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/02/18 4:23 p.m.2 views

SUSE-SU-2026:20542-1 Security update for openssl-3-livepatches

This update for openssl-3-livepatches fixes the following issues: - CVE-2025-11187: Fixed improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256878. - CVE-2025-15467: Fixed stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256876. - CVE-2025-15468: Fixed NULL...

9.8CVSS7.3AI score0.45854EPSS
Exploits7References9
NVD
NVD
added 2026/02/18 4:22 p.m.5 views

CVE-2025-71233

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work completes. The crash...

5.5CVSS0.00118EPSS
Exploits0References7
NVD
NVD
added 2026/02/18 4:22 p.m.12 views

CVE-2025-71236

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Validate sp before freeing associated memory System crash with the following signature 154563.214890 nvme nvme2: NVME-FC1: controller connect complete 154564.169363 qla2xxx 0000:b0:00.1-3002:2: nvme: Sched: Set ZIO...

5.5CVSS0.00118EPSS
Exploits0References8
OSV
OSV
added 2026/02/18 4:22 p.m.8 views

AZL-77951 CVE-2025-71233 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work completes. The crash...

5.5CVSS5.6AI score0.00118EPSS
Exploits0References1
OSV
OSV
added 2026/02/18 4:22 p.m.3 views

UBUNTU-CVE-2025-71233

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work completes. The crash...

5.5CVSS5.7AI score0.00118EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/02/18 4:22 p.m.5 views

CVE-2025-71233

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work completes. The crash...

5.5CVSS5.7AI score0.00118EPSS
Exploits0References4
OSV
OSV
added 2026/02/18 4:22 p.m.1 views

UBUNTU-CVE-2025-71236

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Validate sp before freeing associated memory System crash with the following signature 154563.214890 nvme nvme2: NVME-FC1: controller connect complete 154564.169363 qla2xxx 0000:b0:00.1-3002:2: nvme: Sched: Set ZIO...

5.5CVSS5.7AI score0.00118EPSS
Exploits0References6
Rows per page
Query Builder