OpenSSL 代码问题漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

MiracleLinux 8 : compat-openssl10-1.0.2o-4.el8_10.2 (AXSA:2026-770:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2026-770:01 advisory. openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing CVE-2026-28390 Tenable has extracted the preceding...

EulerOS 2.0 SP11 : openssl (EulerOS-SA-2026-2258)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the require...

OpenSSL 1.0.2 < 1.0.2zq Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.0.2zq. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.2zq advisory. - Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption...

OpenSSL 1.1.1 < 1.1.1zh Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.1zh. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.1zh advisory. - Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption...

Adobe Dreamweaver 21.0 < 21.8 Multiple Vulnerabilities (APSB26-62) (macOS)

The version of Adobe Dreamweaver installed on the remote macOS host is prior to 21.8. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-62 advisory. - Dreamweaver Desktop versions 21.7 and earlier are affected by an Access of Uninitialized Pointer vulnerability th...

Microsoft Office Word 资源管理错误漏洞

Microsoft Office Word is a word processing software developed by Microsoft. There is a resource management vulnerability in Microsoft Office Word, which stems from an untrusted pointer dereferencing. This vulnerability may allow unauthorized attackers to execute code locally...

Microsoft Office Word 安全漏洞

Microsoft Office Word is a word processing software developed by Microsoft. There is a security vulnerability in Microsoft Office Word, which stems from an unreliable pointer dereferencing. This vulnerability may allow unauthorized attackers to execute code locally...

Adobe InDesign Desktop 代码问题漏洞

Adobe InDesign Desktop is a page layout software developed by Adobe, a company based in America. Versions of Adobe InDesign Desktop such as 21.3, 20.5.3, and earlier versions have code vulnerabilities. These vulnerabilities stem from null pointer dereferencing issues, which can lead to applicatio...

Adobe InDesign Desktop 代码问题漏洞

Adobe InDesign Desktop is a page layout software developed by Adobe, a company based in America. Versions of Adobe InDesign Desktop such as 21.3, 20.5.3, and earlier versions have code vulnerabilities. These vulnerabilities stem from null pointer dereferencing issues, which can lead to applicatio...

MongoDB Server 代码问题漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a code vulnerability in MongoDB Server, which stems from the 2dsphere...

OpenSSL 代码问题漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team, capable of implementing Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure hash...

Security Updates for Microsoft Word Products (June 2026)

The Microsoft Word Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-45456, CVE-2026-45458 - Untrust...

Adobe InDesign < 20.5.4 / 21.0 < 21.4.0 Multiple Vulnerabilities (APSB26-58)

The version of Adobe InDesign installed on the remote Windows host is prior to 20.5.4, 21.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-58 advisory. - InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability...

UBUNTU-CVE-2026-42767

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

UBUNTU-CVE-2026-42764

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

MongoDB Server 代码问题漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. Version 8.0 of MongoDB Server contains a code vulnerability. This vulnerability...

CVE-2026-46278

A flaw was found in the Linux kernel's drm/imagination driver. A local user could trigger a kernel NULL pointer dereference by providing invalid data when updating the ftrace mask through a debugfs entry. This vulnerability can lead to a system crash, resulting in a Denial of Service DoS...

Security Bulletin: IBM i is Affected By NULL Pointer Dereference, Use Afer Free, and Out-of-Bounds Write Vulnerabilities in OpenSSL [CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-28387, CVE-2026-31789]

Summary OpenSSL for IBM i is vulnerable to NULL pointer derefences when processing either a delta CRL indicator extension CVE-2026-28388 or CMS EnvelopedData message with KeyAgreeRecipientInfo CVE-2026-28389, CVE-2026-28390, and use after free when using DANE TLSA-based server authentication...

CVE-2026-46282

A flaw was found in the Linux kernel's iio: frequency: admv1013 driver. This vulnerability occurs when the system attempts to read a device property, and an uninitialized string is used, leading to a NULL pointer dereference. This could allow a local attacker to trigger a system crash, resulting ...