11953 matches found
CVE-2025-15514 Ollama Multi-Modal Model Image Processing NULL Pointer Dereference
Ollama 0.11.5-rc0 through current version 0.13.5 contain a null pointer dereference vulnerability in the multi-modal model image processing functionality. When processing base64-encoded image data via the /api/chat endpoint, the application fails to validate that the decoded data represents valid...
CVE-2025-15514
CVE-2025-15514 affects Ollama 0.11.5-rc0 through 0.13.5, with a null pointer dereference in multi‑modal image processing. Malformed base64 image data passed to /api/chat can cause mtmd_helper_bitmap_init_from_buf to return NULL and be dereferenced, triggering a segmentation fault and DoS. Mitigat...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the SubtableUnicodesCache::create function when memory allocation fails and the return value is not checked before object construction. An attacker can cause a segmentation fault and crash the process by...
CVE-2026-22693
HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hbmalloc returns NULL before using placement new to construct an object at t...
UBUNTU-CVE-2026-22693
HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hbmalloc returns NULL before using placement new to construct an object at t...
CVE-2026-22693
HarfBuzz text shaping engine contains a null pointer dereference in SubtableUnicodesCache::create (src/hb-ot-cmap-table.hh) that occurs when hb_malloc returns NULL before a placement new, leading to undefined behavior/segfault on low memory. This affects versions prior to 12.3.0 and has been fixe...
HarfBuzz 安全漏洞
HarfBuzz is HarfBuzz open source a text engine for OpenType fonts. HarfBuzz version before 12.3.0 has a security vulnerability , the vulnerability stems from the SubtableUnicodesCache::create function does not check the hbmalloc return value , which may lead to null pointer dereferencing and...
mnl has segmentation fault and invalid memory read in `mnl::cb_run`
The function mnl::cbrun is marked as safe but exhibits unsound behavior when processing malformed Netlink message buffers. Passing a crafted byte slice to mnl::cbrun can trigger memory violations. The function does not sufficiently validate the input buffer structure before processing, leading to...
EUVD-2026-1690
mnl has segmentation fault and invalid memory read in mnl::cbrun...
GHSA-585Q-CM62-757J mnl has segmentation fault and invalid memory read in `mnl::cb_run`
The function mnl::cbrun is marked as safe but exhibits unsound behavior when processing malformed Netlink message buffers. Passing a crafted byte slice to mnl::cbrun can trigger memory violations. The function does not sufficiently validate the input buffer structure before processing, leading to...
CVE-2023-45922
glxpbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation violation when calling glXGetDrawableAttribute. NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server...
CVE-2018-12916
In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in pbcPmessagedefault in proto.c...
CVE-2018-1000661
jsish version 2.4.67 contains a CWE-476: NULL Pointer Dereference vulnerability in JsiLogMsg jsiUtils.c:196 that can result in Crash due to segmentation fault. This attack appear to be exploitable via the victim executing specially crafted javascript code. This vulnerability appears to have been...
CVE-2018-19888
An invalid memory address dereference was discovered in the huffcode function libfaac/huff2.c in Freeware Advanced Audio Coder FAAC 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the HCBESC case...
CVE-2018-19889
An invalid memory address dereference was discovered in the huffcode function libfaac/huff2.c in Freeware Advanced Audio Coder FAAC 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 6 case...
CVE-2018-19887
An invalid memory address dereference was discovered in the huffcode function libfaac/huff2.c in Freeware Advanced Audio Coder FAAC 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 4 case...
CVE-2009-4329
Unspecified vulnerability in the Engine Utilities component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service segmentation fault by modifying the db2ra data stream sent in a request from the Load Utility...
CVE-2025-40930
JSON::SIMD before version 1.07 and earlier for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact...
CVE-2022-38497
LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69...
CVE-2022-38152
An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSLclear is called on its session, the server crashes with a segmentation fault. This occurs in the second session, which is created through TLS session resumption and reuses the initial struct...