PT-2026-49270

A NULL pointer dereference in the TrackWriter handling component filters/mux isom.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

PT-2026-49275

A NULL pointer dereference in the gf media map esd function media tools/isom tools.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

PT-2026-49269

A NULL pointer dereference in the gf isom copy sample info function isomedia/isom write.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

CVE-2025-55643

CVE-2025-55643 describes a NULL pointer dereference in the TrackWriter handling component (filters/mux_isom.c) of GPAC MP4Box v2.4. This defect can be triggered by processing a crafted MP4 file and leads to a Denial of Service. The issue is reported across multiple feeds (NVD, Debian/Ubuntu OSV e...

PT-2026-49283

Name of the Vulnerable Software and Affected Versions dhcpcd version 10.3.0 Description A NULL pointer dereference occurs during the parsing of configuration options. In the parse option function, the software performs a member access on a NULL pointer of type struct dhcp opt when an invalid opti...

CVE-2025-55641

CVE-2025-55641 describes a NULL pointer dereference in GPAC MP4Box v2.4, specifically in gf_isom_copy_sample_info (isomedia/isom_write.c). The issue allows a crafted MP4 file to trigger a Denial of Service. The available data identifies the vulnerable component and function, and the underlying ca...

CVE-2025-70102

CVE-2025-70102 describes a NULL pointer dereference in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 during option parsing (parse_option in src/if-options.c:1886). The issue occurs when a NULL pointer of type struct dhcp_opt is accessed after an unexpected/invalid option token or parsing state y...

RHEL 10 : kernel (RHSA-2026:25908)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25908 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: afcan: do not leave a...

SUSE SLES12 Security Update : mutt (SUSE-SU-2026:2300-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2300-1 advisory. This update for mutt fixes the following issues - CVE-2026-43859: strfcpy used instead of memcpy for the IMAP authcram MD5 digest bsc1263897. -...

SUSE SLED15 / SLES15 Security Update : mutt (SUSE-SU-2026:2301-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2301-1 advisory. This update for mutt fixes the following issues - CVE-2026-43859: strfcpy used instead of memcpy for the IMAP...

SUSE CVE-2026-42764

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

SUSE CVE-2026-42766

Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application crash and a Denial of Service. The CMS PasswordRecipientInfo.keyDerivationAlgorithm field is define...

SUSE CVE-2026-42767

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

EUVD-2025-210132

Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.64...

CVE-2025-7018

Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.64...

CVE-2025-7018 Avira antivirus engine null pointer dereference when scanning a malformed PE file

Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.64...

CVE-2025-7018 Avira antivirus engine null pointer dereference when scanning a malformed PE file

Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.64...

CVE-2025-7018

CVE-2025-7018 is a null pointer dereference in Avira Antivirus engine when scanning malformed Windows PE files, potentially causing Denial-of-Service of the antivirus engine process. Affected product: Avira Antivirus across Windows, macOS, and Linux, with vulnerable engine builds prior to 8.3.70....

EUVD-2026-36469

unboundedspsc is an "unbounded" extension of boundedspscqueue. In versions 0.2.0 and prior, sender::send pointer-as-value transmute causes OOB read and fake-Arc drop under TX/RX race. At time of publication, there are no publicly available patches...

OESA-2026-2664 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: FFmpeg 4.2 is affected ...