63165 matches found
CVE-2025-66274 QTS, QuTS hero
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-66274
CVE-2025-66274 affects QNAP QTS and QuTS hero; a NULL pointer dereference allows a remote attacker with administrator privileges to trigger a DoS. Remediation: upgrade to QuTS hero h5.3.2.3354 build 20251225 or later (and affected QTS versions). Exploitation details are described as remote with a...
CVE-2025-66274
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state
A NULL pointer dereference vulnerability was found in the Intel i915 graphics driver in the Linux kernel. The intelatomicgetnewcrtcstate function can return NULL if the CRTC state was not previously obtained via intelatomicgetcrtcstate, but the return value was not checked before use. This leads ...
CLSA-2026-1770804736 Fix CVE(s): CVE-2025-69421
SECURITY UPDATE: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS12 files - debian/patches/CVE-2025-69421.patch: fix NULL pointer dereference in PKCS12itemdecryptd2i by adding NULL check for oct parameter - CVE-2025-69421...
CLSA-2026-1770804474 Fix CVE(s): CVE-2025-69418, CVE-2025-69421, CVE-2026-22796
SECURITY UPDATE: The trailing 1-15 bytes of a message may be exposed incleartext on encryption and are not covered by the authentication tag,allowing an attacker to read or tamper with those bytes without detection - debian/patches/CVE-2025-69418.patch: fix OCB AES-NI/HW stream path...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2026-22770: improper pointer initialization can cause denial of service bsc1256969. CVE-2026-23874: manipulation of digital images can lead to stack overflow bsc1256976. CVE-2026-23876: maliciously crafted image can lead to heap buffer...
SUSE-SU-2026:0437-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2026-22770: improper pointer initialization can cause denial of service bsc1256969. - CVE-2026-23874: manipulation of digital images can lead to stack overflow bsc1256976. - CVE-2026-23876: maliciously crafted image can lead to heap...
RLSA-2026:2470 Moderate: php:7.4 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 php: Configuring ...
kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid
A flaw null pointer dereference in the Linux kernel NFS functionality was found in the way client does some specific action for existing NFS connection. A client user could use this flaw to crash the server system...
kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state
A NULL pointer dereference vulnerability was found in the Intel i915 graphics driver in the Linux kernel. The intelatomicgetnewcrtcstate function can return NULL if the CRTC state was not previously obtained via intelatomicgetcrtcstate, but the return value was not checked before use. This leads ...
QNAP Systems File Station 5 代码问题漏洞
QNAP Systems File Station 5 is a file management system developed by QNAP Systems, a company based in Taiwan, China. Versions of QNAP Systems File Station 5 prior to 5.5.6.5166 contained a code-related vulnerability caused by a null pointer dereferencing, which could lead to a denial-of-service...
Fedora 43 : gnutls (2026-ef7170c9f6)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ef7170c9f6 advisory. This fixes a couple CVEs: libgnutls: Fix NULL pointer dereference in PSK binder verification A TLS 1.3 resumption attempt with an invalid PSK binder...
QNAP Qsync Central 代码问题漏洞
QNAP Qsync Central is a cloud-based file synchronization service for NAS devices provided by QNAP Technology Co., Ltd. Versions of QNAP Qsync Central prior to 5.0.0.4 contained a code vulnerability caused by a null pointer dereferencing, which could lead to a denial-of-service attack...
RHEL 9 : kernel-rt (RHSA-2026:2577)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2577 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: openssl (UTSA-2026-005335)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005335 advisory. Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impact summary: A NULL pointer...
QNAP Qsync Central 代码问题漏洞
QNAP Qsync Central is a cloud-based file synchronization service for NAS devices provided by QNAP Technology Co., Ltd. Versions of QNAP Qsync Central prior to 5.0.0.4 contained a code vulnerability caused by a null pointer dereferencing, which could allow remote attackers to launch a...
PT-2026-7554
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Statio...
PT-2026-7544
Name of the Vulnerable Software and Affected Versions Qsync Central versions prior to 5.0.0.4 Description A flaw exists in Qsync Central that, if exploited by a remote attacker with a user account, could lead to a denial-of-service DoS attack. The issue is due to a NULL pointer dereference...
QNAP Qsync Central 代码问题漏洞
QNAP Qsync Central is a cloud-based file synchronization service for NAS devices provided by QNAP Technology Co., Ltd. Versions of QNAP Qsync Central prior to 5.0.0.4 contained a code vulnerability caused by a null pointer dereferencing, which could allow remote attackers to launch a...