Lucene search
K

313 matches found

CVE
CVE
added yesterday9 views

CVE-2026-57244

CVE-2026-57244 affects Foxit PDF Editor/Reader Form Control. The root cause is a missing re-entry protection and object lifecycle verification during form synchronization after JavaScript resets, causing a control pointer dereference after a failure and resulting in a crash. The CVSSv3.1 vector i...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday5 views

CVE-2026-57260

The application opened a PDF file containing an abnormal Unity 3D object. During parsing, the application incorrectly resolved a portion of the abnormal object as a pointer and used it as a valid address, ultimately causing the application to crash...

7.8CVSS6AI score0.00116EPSS
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/06/29 7:38 p.m.6 views

CVE-2026-56017

JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString XS.xs inspects the previous token's last byte to choose between a regexp literal and a...

7.5CVSS5.8AI score0.00488EPSS
Exploits0References2
CVE
CVE
added 2026/06/29 7:38 p.m.10 views

CVE-2026-56017

JavaScript::Minifier::XS (Perl) is affected in versions before 0.16. The vulnerability arises when the first meaningful token is a slash; the JsTokenizeString logic examines the previous token and, with no valid preceding token, dereferences a NULL pointer, causing a crash. The public minify() AP...

7.5CVSS5.8AI score0.00488EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 5:40 a.m.3 views

BIT-ENVOY-2026-47221 Envoy: Null pointer deref in internal redirects

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.18.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the router filter contains a null pointer dereference vulnerability when handling HTTP 303 See Other internal redirects for body-less non-GET/HEAD requests...

7.5CVSS6AI score0.00445EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53313

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths In dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace. Both functions check: if !dcdmubsrv...

5.5CVSS6AI score0.001EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 7:10 a.m.2 views

SUSE-SU-2026:2641-1 Security update for apache2

This update for apache2 fixes the following issues Update to 2.4.66 jscPED-16334: Security issues: - CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. - CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. - CVE-2026-28780: heap buffer overflow in...

9.8CVSS6.6AI score0.01325EPSS
Exploits2References26
RedHat Linux
RedHat Linux
added 2026/06/22 3:13 p.m.5 views

httpd: mod_authn_socache: NULL pointer dereference can cause a child process crash

A flaw was found in the modauthnsocache module of httpd. This vulnerability allows an unauthenticated remote user to crash a child process due to a NULL pointer dereference when the server is operating in a caching forward proxy configuration...

5.3CVSS5.9AI score0.00514EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed a NULL pointer derefrence issue in bnxtptpenable during error cleanup. When bnxtinitone fails during initialization e.g., bnxtinitintmode returns -ENODEV, the error handling code calls bnxtfreehwrmresources, which...

5.8AI score0.00145EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 3:27 p.m.28 views

CVE-2026-1288

The CVE-2026-1288 entry concerns Autodesk Revit. A maliciously crafted RFA file, when converted to FormIt via “Convert RFA to FormIt” in Revit, can trigger a NULL pointer dereference in the processing path. Exploitation may crash the application, resulting in a denial-of-service condition. The pr...

5.5CVSS5.3AI score0.00116EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/06/09 4:3 p.m.9 views

CVE-2026-42767

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

5.9CVSS5.5AI score0.00349EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/09 4:3 p.m.10 views

CVE-2026-42764

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

7.5CVSS5.5AI score0.00684EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.32 views

OpenSSL 1.1.1 < 1.1.1zh Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.1zh. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.1zh advisory. - Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption...

8.8CVSS6.9AI score0.02719EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.10 views

EulerOS Virtualization 2.12.0 : shim (EulerOS-SA-2026-2114)

According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impac...

7.5CVSS7.6AI score0.00844EPSS
Exploits1References2
OSV
OSV
added 2026/06/04 12:4 p.m.11 views

RLSA-2026:21433 Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd: modproxyajp: heap-based buffer over-read due to missing null-termination...

8.2CVSS6.3AI score0.01325EPSS
Exploits0References6
OSV
OSV
added 2026/06/01 12:0 a.m.25 views

ALSA-2026:22140 Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd:...

9.8CVSS7.3AI score0.04409EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.14 views

SUSE SLES15 Security Update : apache2 (SUSE-SU-2026:2103-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2103-1 advisory. This update for apache2 fixes the following issues - CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957....

9.8CVSS6.2AI score0.4581EPSS
Exploits18References34
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-45959

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions,...

7.8CVSS7.1AI score0.00127EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 5:16 p.m.14 views

CVE-2025-70116

A NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 files, an unknown/invalid stsd entry can result in missing descriptor fields e.g., codec/mime/profile strings. gfmediamapesd then calls strlen on a NULL pointer, triggering a crash ASan SEGV...

4.3CVSS0.00407EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMPDUMMY ETDM2INBE and ETDM1OUTBE are defined as COMPEMPTY, in the case where the codec dainame will be null. Avoid a crash if the device tree does not assign a codec to these...

5.5CVSS6.3AI score0.00143EPSS
Exploits0References2
Rows per page
Query Builder