Lucene search
K

34509 matches found

NVD
NVD
added 2026/07/01 10:16 p.m.6 views

CVE-2026-36909

A NULL pointer dereference in the AP4TkhdAtom::GetTrackId function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

6.2CVSS0.0012EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 10:16 p.m.4 views

CVE-2026-36912

A NULL pointer dereference in the AP4AtomSampleTable::GetSample function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

7.5CVSS0.00343EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/07/01 7:52 p.m.8 views

CVE-2026-53348

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA System on Chip ASoC SoundWire Digital Audio SDCA component. The sdcadevunregisterfunctions function does not properly check for NULL function device entries during unregistration. This oversight can lead to a NULL point...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/07/01 7:52 p.m.7 views

CVE-2026-53338

A flaw was found in the Linux kernel's Airoha QDMA driver. This vulnerability occurs when the ofreservedmemlookup function returns a NULL pointer, indicating that a referenced reserved memory region is not found. The driver then attempts to dereference this NULL pointer, leading to a kernel NULL...

5.8AI score0.00154EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/07/01 7:42 p.m.6 views

CVE-2026-53335

A flaw was found in the Linux kernel. The DAMONLRUSORT component, responsible for memory management, does not properly handle allocation failures of the damonctx object. This can lead to a NULL pointer dereference when damoncommitctx is called with a NULL ctx pointer, potentially causing a system...

5.8AI score0.00166EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/01 5:42 p.m.7 views

EUVD-2025-31206

Open Babel has out-of-bounds read in PQS lowerit pre-buffer read...

5.5CVSS5.7AI score0.00189EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/07/01 5:14 p.m.9 views

Important: Red Hat Security Advisory: php:7.4 security update

An update for the php:7.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.4AI score0.0078EPSS
Exploits1References8
OSV
OSV
added 2026/07/01 2:46 p.m.5 views

USN-8489-1 linux-oem-7.0 vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

9.8CVSS7.2AI score0.93235EPSS
Exploits67References166
Debian CVE
Debian CVE
added 2026/07/01 1:32 p.m.5 views

CVE-2026-53339

In the Linux kernel, the following vulnerability has been resolved: i2c: qcom-cci: Fix NULL pointer dereference in cciremove On all modern platforms Qualcomm CCI controller provides two I2C masters, and on particular boards only one I2C master may be initialized, and in such cases the device...

5.7AI score0.00164EPSS
Exploits0
EUVD
EUVD
added 2026/07/01 1:32 p.m.8 views

EUVD-2026-40971

In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL pointer dereference in bonddoioctl In bonddoioctl, slavedev is obtained via devgetbyname which can return NULL if the requested interface name does not exist. However, the subsequent slavedbg call is placed...

5.8AI score0.00164EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/01 9:31 a.m.4 views

httpd: NULL pointer dereference via specially crafted request

A flaw was found in the moddavlock module of httpd. This vulnerability allows a remote unauthenticated attacker to crash the server due to a NULL pointer dereference via a specially crafted request...

7.5CVSS7.1AI score0.00594EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/01 12:0 a.m.33 views

CVE-2026-36909

A NULL pointer dereference in the AP4TkhdAtom::GetTrackId function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

0.0012EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.3 views

RockyLinux 8 : php:7.4 (RLSA-2026:34354)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:34354 advisory. php: php-soap: php-src: PHP SOAP extension: Remote Code Execution via use-after-free vulnerability CVE-2026-6722 PHP: PHP: Denial of Service via imprope...

9.8CVSS7.1AI score0.0078EPSS
Exploits1References13
CVE
CVE
added 2026/07/01 12:0 a.m.11 views

CVE-2026-36909

Summary of CVE-2026-36909 (MPC-BE): A NULL pointer dereference in the AP4_TkhdAtom::GetTrackId() function in Aleksoid1978 MPC-BE prior to commit 4341cb3 allows a crafted MP4 file to trigger a Denial of Service. Affected component: MPC-BE (Aleksoid1978). Root cause: NULL pointer dereference in Get...

6.2CVSS5.8AI score0.0012EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/30 6:47 p.m.5 views

EUVD-2026-9141

Open Babel has a NULL pointer dereference in CDXML OBAtom::GetExplicitValence...

6.5CVSS5.8AI score0.00394EPSS
Exploits1References9
EUVD
EUVD
added 2026/06/30 3:56 p.m.6 views

EUVD-2026-40357

Woodpecker before 3.15.0 registers the /api/orgs/lookup/orgfullname endpoint without authentication middleware, and the LookupOrg handler unconditionally dereferences the session user user.ForgeID, via ForgeFromUser when selecting the forge to query. For an unauthenticated request session.User...

6.9CVSS5.8AI score0.00362EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/30 3:56 p.m.47 views

CVE-2026-58369 Woodpecker < 3.15.0 - Unauthenticated NULL Pointer Dereference in /api/orgs/lookup Enables Log-Flooding Denial of Service

Woodpecker before 3.15.0 registers the /api/orgs/lookup/orgfullname endpoint without authentication middleware, and the LookupOrg handler unconditionally dereferences the session user user.ForgeID, via ForgeFromUser when selecting the forge to query. For an unauthenticated request session.User...

6.9CVSS0.00362EPSS
Exploits0References4
OSV
OSV
added 2026/06/30 11:29 a.m.2 views

OPENSUSE-SU-2026:21179-1 Security update for lrzip

This update for lrzip fixes the following issues: Changes in lrzip: - Update to version 0.660: Do not clean up thread structures in decompression failure conditions, fixing a use-after-free in lzmadecompressbuf and a NULL pointer dereference in ucompthread on corrupt/malicious archives...

7.8CVSS5.8AI score0.00243EPSS
Exploits3References6
OSV
OSV
added 2026/06/30 12:0 a.m.3 views

ALSA-2026:33449 Important: php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: php-soap: php-src: PHP SOAP extension: Remote Code Execution via use-after-free vulnerability CVE-2026-6722 PHP: PHP: Denial of Service via improper handling of signed characters in ctype...

9.8CVSS7.1AI score0.0078EPSS
Exploits1References16
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-53299

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: airoha: Move ndesc initialization at end of airohaqdmainittx If queue entry list allocation fails in airohaqdmainittxqueue routine, airohaqdmacleanuptxqueu...

5.5CVSS6.1AI score0.00121EPSS
Exploits0References2
Rows per page
Query Builder