EUVD-2025-210311

GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gfisomaddtrackkind function at isomedia/isomwrite.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

CVE-2025-55639

GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gfisomaddtrackkind function at isomedia/isomwrite.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

CVE-2025-55639

GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gfisomaddtrackkind function at isomedia/isomwrite.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

httpd: NULL pointer dereference via specially crafted request

A flaw was found in the moddavlock module of httpd. This vulnerability allows a remote unauthenticated attacker to crash the server due to a NULL pointer dereference via a specially crafted request...

httpd: mod_authn_socache: NULL pointer dereference can cause a child process crash

A flaw was found in the modauthnsocache module of httpd. This vulnerability allows an unauthenticated remote user to crash a child process due to a NULL pointer dereference when the server is operating in a caching forward proxy configuration...

httpd: NULL pointer dereference via specially crafted request

A flaw was found in the moddavlock module of httpd. This vulnerability allows a remote unauthenticated attacker to crash the server due to a NULL pointer dereference via a specially crafted request...

CVE-2025-70102

A flaw was found in dhcpcd. A specially crafted configuration input may cause the parseoption function to dereference a NULL pointer while processing malformed option data. This issue may result in application termination and a denial of service condition. Mitigation Red Hat is not aware of a...

SUSE SLES15 Security Update : ffmpeg-4 (SUSE-SU-2026:2444-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2444-1 advisory. This update for ffmpeg-4 fixes the following issues Update to version 4.4.7: - CVE-2023-6601: HLS Unsafe File Extension Bypass...

CVE-2026-48137

There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution. Successful exploitation requires an attacker to supply a specially...

CVE-2026-48137

Summary: CVE-2026-48137 is an untrusted pointer dereference in the NI grpc-device sideband streaming API affecting NI grpc-device 2.17.0 and earlier. A attacker can cause an arbitrary memory dereference and potentially remote code execution by sending a specially crafted Moniker protobuf message....

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: A NULL pointer dereference occurred in amdgpudmconnectoraddcommonmodes. In amdgpudmconnectoraddcommonmodes, amdgpudmcreatecommonmode assigns mode to mode, and mode is directly passed to drmmodeprobedadd...

Astra Linux – Vulnerability in SQLite3

The file ext/fts3/fts3snippet.c in SQLite before version 3.32.0 contains a NULL pointer dereferencing issue due to a malicious matchinfo query...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden the getcpuforacpiid function to prevent errors when a missing CPU entry is used. During a review discussion of the changes to support vCPU hotplug, it was noted that a check was added to ensure the GICC Global...

Astra Linux – Vulnerability in libjpeg-turbo

Libjpeg-turbo 1.5.2 has a NULL Pointer Dereference issue in files jdpostct.c and jquant1.c, due to a malicious JPEG file...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: gpio: Restrict the use of GPIO chip IRQ members before initialization. The IRQ members of the GPIO chip are exposed before they can be fully initialized, which leads to race conditions. One such issue was observed with the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: LAG, fixed the logic for MLX5LAGFLAGNDEVSREADY Set MLX5LAGFLAGNDEVSREADY only if both devices are registered. This ensures that both ldev-pfMLX5LAGP0.dev and ldev-pfMLX5LAGP1.dev have valid pointers when...

Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. This function does not properly check the validity of the stream-codecpriv pointer. If...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - ice: xsk: disabling TXQ interrupts before flushing hardware settings. - iceqpdis attempts to stop a given queue pair that is a target of xsk pool attach/detach. One of the steps involved disabling interrupts on these queues...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fixed null pointer dereferencing in pinctrldttomap Here is the BUG report by KASAN regarding null pointer dereferencing: BUG: KASAN: nullptrderef in strcmp+0x2e/0x50 A read of size 1 was performed at address...

Astra Linux – Vulnerability in gst-plugins-base1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2readsynchuint function, located in id3v2.c. If id3v2readsynchuint is called with a null work-hdr.framedata, the pointer guint8 data is accessed without validatio...