JLSEC-2026-566 In GnuPG before 2.5.17, a long signature packet length causes parse_signature to return success...

In GnuPG before 2.5.17, a long signature packet length causes parsesignature to return success with sig-data set to a NULL value, leading to a denial of service application crash...

DEBIAN-CVE-2024-42328

When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is set to NULL and is allocated only in curlwritecb when receiving data. If the server's response is an empty document, then wd-data in the code below will remain NULL and an attempt to read from it will...