Lucene search
K

11953 matches found

Cvelist
Cvelist
added 2026/01/12 11:3 p.m.21 views

CVE-2025-15514 Ollama Multi-Modal Model Image Processing NULL Pointer Dereference

Ollama 0.11.5-rc0 through current version 0.13.5 contain a null pointer dereference vulnerability in the multi-modal model image processing functionality. When processing base64-encoded image data via the /api/chat endpoint, the application fails to validate that the decoded data represents valid...

8.7CVSS0.00698EPSS
Exploits1References4
CVE
CVE
added 2026/01/12 11:3 p.m.26 views

CVE-2025-15514

CVE-2025-15514 affects Ollama 0.11.5-rc0 through 0.13.5, with a null pointer dereference in multi‑modal image processing. Malformed base64 image data passed to /api/chat can cause mtmd_helper_bitmap_init_from_buf to return NULL and be dereferenced, triggering a segmentation fault and DoS. Mitigat...

8.7CVSS6.6AI score0.00698EPSS
Exploits1References7Affected Software1
Snyk
Snyk
added 2026/01/10 6:51 a.m.5 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the SubtableUnicodesCache::create function when memory allocation fails and the return value is not checked before object construction. An attacker can cause a segmentation fault and crash the process by...

6.9CVSS6.7AI score0.00377EPSS
Exploits1References2
NVD
NVD
added 2026/01/10 6:15 a.m.6 views

CVE-2026-22693

HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hbmalloc returns NULL before using placement new to construct an object at t...

5.3CVSS0.00377EPSS
Exploits1References4
OSV
OSV
added 2026/01/10 6:15 a.m.3 views

UBUNTU-CVE-2026-22693

HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hbmalloc returns NULL before using placement new to construct an object at t...

5.3CVSS5.8AI score0.00377EPSS
Exploits1References4
CVE
CVE
added 2026/01/10 5:53 a.m.49 views

CVE-2026-22693

HarfBuzz text shaping engine contains a null pointer dereference in SubtableUnicodesCache::create (src/hb-ot-cmap-table.hh) that occurs when hb_malloc returns NULL before a placement new, leading to undefined behavior/segfault on low memory. This affects versions prior to 12.3.0 and has been fixe...

5.3CVSS6.7AI score0.00377EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/01/10 12:0 a.m.4 views

HarfBuzz 安全漏洞

HarfBuzz is HarfBuzz open source a text engine for OpenType fonts. HarfBuzz version before 12.3.0 has a security vulnerability , the vulnerability stems from the SubtableUnicodesCache::create function does not check the hbmalloc return value , which may lead to null pointer dereferencing and...

5.3CVSS6.4AI score0.00377EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/01/09 7:53 p.m.9 views

mnl has segmentation fault and invalid memory read in `mnl::cb_run`

The function mnl::cbrun is marked as safe but exhibits unsound behavior when processing malformed Netlink message buffers. Passing a crafted byte slice to mnl::cbrun can trigger memory violations. The function does not sufficiently validate the input buffer structure before processing, leading to...

7AI score
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/01/09 7:53 p.m.3 views

EUVD-2026-1690

mnl has segmentation fault and invalid memory read in mnl::cbrun...

6.4AI score
Exploits0References3
OSV
OSV
added 2026/01/09 7:53 p.m.1 views

GHSA-585Q-CM62-757J mnl has segmentation fault and invalid memory read in `mnl::cb_run`

The function mnl::cbrun is marked as safe but exhibits unsound behavior when processing malformed Netlink message buffers. Passing a crafted byte slice to mnl::cbrun can trigger memory violations. The function does not sufficiently validate the input buffer structure before processing, leading to...

5.1CVSS6.8AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 12:35 p.m.4 views

CVE-2023-45922

glxpbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation violation when calling glXGetDrawableAttribute. NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server...

4.3CVSS7.1AI score0.00536EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:26 p.m.8 views

CVE-2018-12916

In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in pbcPmessagedefault in proto.c...

9.8CVSS6.9AI score0.01466EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:16 p.m.9 views

CVE-2018-1000661

jsish version 2.4.67 contains a CWE-476: NULL Pointer Dereference vulnerability in JsiLogMsg jsiUtils.c:196 that can result in Crash due to segmentation fault. This attack appear to be exploitable via the victim executing specially crafted javascript code. This vulnerability appears to have been...

6.5CVSS6.9AI score0.00856EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:1 p.m.9 views

CVE-2018-19888

An invalid memory address dereference was discovered in the huffcode function libfaac/huff2.c in Freeware Advanced Audio Coder FAAC 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the HCBESC case...

5.5CVSS6.7AI score0.00867EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:59 a.m.8 views

CVE-2018-19889

An invalid memory address dereference was discovered in the huffcode function libfaac/huff2.c in Freeware Advanced Audio Coder FAAC 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 6 case...

5.5CVSS6.7AI score0.00872EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:58 a.m.6 views

CVE-2018-19887

An invalid memory address dereference was discovered in the huffcode function libfaac/huff2.c in Freeware Advanced Audio Coder FAAC 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 4 case...

5.5CVSS6.7AI score0.00872EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:53 a.m.10 views

CVE-2009-4329

Unspecified vulnerability in the Engine Utilities component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service segmentation fault by modifying the db2ra data stream sent in a request from the Load Utility...

4CVSS6.2AI score0.02074EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.7 views

CVE-2025-40930

JSON::SIMD before version 1.07 and earlier for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact...

7.5CVSS7.3AI score0.0063EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.4 views

CVE-2022-38497

LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69...

5.5CVSS7.2AI score0.00287EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.11 views

CVE-2022-38152

An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSLclear is called on its session, the server crashes with a segmentation fault. This occurs in the second session, which is created through TLS session resumption and reuses the initial struct...

7.5CVSS6.7AI score0.02044EPSS
Exploits2References1
Rows per page
Query Builder