PT-2026-44093

When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBin LoadHttpModule function in the dll would be called to set up a "module" object for that module. However, WOSHttpStatusModule.dll is not...

EUVD-2026-18003

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

DEBIAN-CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

UBUNTU-CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

PT-2026-29587

Name of the Vulnerable Software and Affected Versions Mbed TLS versions through 3.6.5 and 4.0.0 Description A flaw exists in the distinguished name parsing functionality, leading to a NULL pointer dereference. This can allow an attacker to write to address 0. Recommendations Update to a version...

CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

Mbed TLS 安全漏洞

Mbed TLS is an open-source, portable, easy-to-use, readable, and flexible SSL library developed by Mbed TLS. Mbed TLS versions 3.6.5 and earlier, as well as 4.x to 4.0.0, have security vulnerabilities due to a nullable pointer dereferencing issue in resolvable name resolution. This vulnerability...

CVE-2026-34874

Mbed TLS versions affected: up to 3.6.5 and 4.x up to 4.0.0. The issue is a NULL pointer dereference in distinguished name parsing that can allow writing to address 0. This is a concrete vulnerability detail (affected component and root cause) and is described in both the CVE records and CVE List...

CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

CVE-2022-50743 erofs: Fix pcluster memleak when its block address is zero

In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed unreferenced object 0xffff88811009c7f8 size 136: ... backtrace...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-40963)

mips: bmips: BCM6358: Some device have CBR address set to 0 causing kernel panic when archsyncdmaforcpuall is called. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

CVE-2025-59437

The ip aka node-ip package through 2.0.1 in NPM might allow SSRF because the IP address value 0 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415. NOTE: in current versions of several applications, connection...

CVE-2025-59437

The ip aka node-ip package through 2.0.1 in NPM might allow SSRF because the IP address value 0 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415. NOTE: in current versions of several applications, connection...

CVE-2018-11710

soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted AMS file because of an invalid write near address 0 in an out-of-memory situation...

CVE-2023-53034

In the Linux kernel, the following vulnerability has been resolved: ntbhwswitchtec: Fix shift-out-of-bounds in switchtecntbmwsettrans There is a kernel API ntbmwcleartrans would pass 0 to both addr and size. This would make xlatepos negative. 23.734156 switchtec switchtec0: MW 0: part 0 addr...

assimp 安全漏洞

assimp is an assimp open source library. It is used to import and export various 3D model formats. A security vulnerability exists in assimp that stems from a read access conflict at address 0x000000000460, which points to page zero, indicating that the pointer dereference is null or invalid...

Staking functionality temporary blocking due to lack of address zero check

Lines of code Vulnerability details Impact Though lack of zero check issue for the addToBlacklist function is already at the automated findings output, I suppose it is necessary to show the importance of this check here. In case of accidental or malicious the BLACKLISTMANAGERROLE behavior the...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.323.8.1.el8 - rds: Fix lack of reentrancy for connection reset with dst addr zero Haakon Bugge Orabug: 35713696 CVE-2023-22024...