Assimp 代码问题漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained code vulnerabilities. These vulnerabilities stemmed from the parameter operator in the function glTF2::LazyDict within the library...

Astra Linux - уязвимость в libxml2

In libxml2 before version 2.10.4, parsing certain invalid XSD schemas can lead to a NULL pointer dereferencing, followed by a segfault. This issue occurs in the xmlSchemaFixupComplexType function in xmlschemas.c...

SUSE-SU-2026:20886-1 Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...

PT-2026-21604

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-15 ImageMagick versions prior to 6.9.13-40 Description ImageMagick is software used for editing and manipulating digital images. A NULL pointer dereference in ClonePixelCacheRepository can allow a remote...

MiracleLinux 7 : glibc-2.17-222.el7 (AXSA:2018-2926:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2926:01 advisory. glibc: realpath buffer underflow when getcwd returns relative path allows privilege escalation CVE-2018-1000001 glibc: Buffer overflow in glob with...

EUVD-2025-203405

The Cordova plugin cordova-plugin-x-socialsharing SocialSharing-PhoneGap-Plugin for Android 6.0.4, registers an exported broadcast receiver nl.xservices.plugins.ShareChooserPendingIntent with an android.intent.action.SEND intent filter. The onReceive implementation accesses...

EUVD-2019-1916

Malware in sbrugna...

SUSE-SU-2025:20725-1 Security update for kernel-livepatch-MICRO-6-0_Update_5

This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: - CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 - CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 - CVE-2025-38181: calipso: fix null-ptr-deref in...

Linux Distros Unpatched Vulnerability : CVE-2020-6629

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ming aka libming 0.4.8 has z NULL pointer dereference in the function decompileGETURL2 in decompile.c. CVE-2020-6629 Note that Nessus relies on the presence of...

CVE-2019-1010171

Jsish 2.4.83 2.0483 is affected by: Nullpointer dereference. The impact is: denial of service. The component is: function jsiDumpFunctions jsiEval.c:567. The attack vector is: executing crafted javascript code. The fixed version is: 2.4.84...

Security Update for Microsoft .NET 7 Core (October 2023)

The version of Microsoft .NET 7 Core installed on the remote host is prior to 7.0.12. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023Oct10 advisory. - A vulnerability exists in the ASP.NET Core Kestrel web server where a malicious client may flood the server with...

Denial Of Service (DoS)

vim is vulnerable to Denial of Service DoS. The vulnerability exists due to a NULL Pointer Dereference which allows an attacker to cause an application crash...

MariaDB -- Nullpointer dereference

The MariaDB project reports: MariaDB Server is vulnerable to Denial of Service. It is possible for function spiderdbmbase::printwarnings to dereference a null pointer...

Null pointer dereference

BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE...

CVE-2019-20199

An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, while parsing a crafted XML file, performs incorrect memory handling, leading to NULL pointer dereference while running strlen on a NULL pointer...

OpenJDK: NULL pointer dereference in DrawGlyphList (2D, 8222690)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

CVE-2019-1010171

Jsish 2.4.83 2.0483 is affected by: Nullpointer dereference. The impact is: denial of service. The component is: function jsiDumpFunctions jsiEval.c:567. The attack vector is: executing crafted javascript code. The fixed version is: 2.4.84...

CVE-2019-1010171

Jsish 2.4.83 2.0483 is affected by: Nullpointer dereference. The impact is: denial of service. The component is: function jsiDumpFunctions jsiEval.c:567. The attack vector is: executing crafted javascript code. The fixed version is: 2.4.84...

Code injection

Jsish 2.4.83 2.0483 is affected by: Nullpointer dereference. The impact is: denial of service. The component is: function jsiDumpFunctions jsiEval.c:567. The attack vector is: executing crafted javascript code. The fixed version is: 2.4.84...

CVE-2019-1010171

The CVE-2019-1010171 entry describes a vulnerability in Jsish 2.4.83/2.0483 where a null pointer dereference in the function jsi_DumpFunctions (jsiEval.c:567) can be triggered by executing crafted JavaScript code, leading to denial of service. The fixed version is 2.4.84. References in the provid...