63137 matches found
SUSE-SU-2026:0497-1 Security update for libsoup2
This update for libsoup2 fixes the following issues: - CVE-2026-1761: Check length of bytes read in soupfilterinputstreamreaduntil to avoid a stack-based buffer overflow bsc1257598. - CVE-2026-0716: improper bounds handling may allow out-of-bounds read bsc1256418. - CVE-2025-4476: null pointer...
Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.19 fixes various security issues The following security issues were fixed: CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum bsc1253473. CVE-2025-40186: tcp: Don't call reqskfastopenremove in tcpconnrequest...
SUSE-SU-2026:0491-1 Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.16 fixes various security issues The following security issues were fixed: - CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum bsc1253473. - CVE-2025-40186: tcp: Don't call reqskfastopenremove in...
CVE-2025-70954
A Null Pointer Dereference vulnerability exists in the TON Virtual Machine TVM within the TON Blockchain before v2025.06. The issue is located in the execution logic of the INMSGPARAM instruction, where the program fails to validate if a specific pointer is null before accessing it. By sending a...
CVE-2025-70954
A Null Pointer Dereference vulnerability exists in the TON Virtual Machine TVM within the TON Blockchain before v2025.06. The issue is located in the execution logic of the INMSGPARAM instruction, where the program fails to validate if a specific pointer is null before accessing it. By sending a...
CVE-2025-70954
The CVE-2025-70954 affects the TON Blockchain’s TVM, specifically the INMSGPARAM instruction. The vulnerability is a Null Pointer Dereference in the execution path, where a pointer is not checked for null before access, allowing a malicious transaction or smart contract to crash a validator node ...
AlmaLinux 8 : php:7.4 (ALSA-2026:2470)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:2470 advisory. php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-decod...
PT-2026-8035
Name of the Vulnerable Software and Affected Versions TON Blockchain versions prior to 2025.06 Description A flaw exists in the TON Virtual Machine TVM within the TON Blockchain. The issue resides in the execution logic of the INMSGPARAM instruction, where the program does not validate if a point...
CVE-2025-70954
A Null Pointer Dereference vulnerability exists in the TON Virtual Machine TVM within the TON Blockchain before v2025.06. The issue is located in the execution logic of the INMSGPARAM instruction, where the program fails to validate if a specific pointer is null before accessing it. By sending a...
Siemens SIMATIC S7-1500 Improper Check for Unusual or Exceptional Conditions (CVE-2026-22795)
Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS12 file. Impact summary: An application processing a malformed PKCS12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service. A type...
Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2025-69421)
Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS12 files. The PKCS12itemdecryptd2iex...
SurrealDB vulnerable to Denial of Service through scripting function memory edge case
In SurrealDB instances with the scripting capability enabled --allow-scripting, users with the ability to run arbitrary queries can trigger a server crash due to a memory-safety bug in the underlying JS engine. The SurrealDB instance terminates instantly, requiring a manual restart. The query...
CLSA-2026-1770917492 Fix CVE(s): CVE-2025-69421
SECURITY UPDATE: Processing a malformed PKCS12 file can trigger a NULL pointer dereference - debian/patches/CVE-2025-69421.patch: Check oct argument for NULL - CVE-2025-69421...
kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state
A NULL pointer dereference vulnerability was found in the Intel i915 graphics driver in the Linux kernel. The intelatomicgetnewcrtcstate function can return NULL if the CRTC state was not previously obtained via intelatomicgetcrtcstate, but the return value was not checked before use. This leads ...
kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid
A flaw null pointer dereference in the Linux kernel NFS functionality was found in the way client does some specific action for existing NFS connection. A client user could use this flaw to crash the server system...
CVE-2025-47209
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...
CVE-2025-30266
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...
CVE-2025-54147
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...
CVE-2025-54146
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...
CVE-2025-54163
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Statio...