PT-2026-41469

Name of the Vulnerable Software and Affected Versions qs versions 6.11.1 through 6.15.1 Description The stringify function throws a TypeError when called with the options arrayFormat: 'comma' and encodeValuesOnly: true on an array containing null or undefined elements. This occurs because the...

CVE-2026-31471

In CVE-2026-31471, the Linux kernel’s xfrm: iptfs path had a use-after-free-like issue during IPTFS clone state setup. iptfs_clone_state() stored x->mode_data before allocating the reorder window; if allocation failed, the code freed the cloned state but left x->mode_data pointing at freed ...

CVE-2026-23350

In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init should have a corresponding fini call. Skipping this would mean skipping removal of the queue from GuC list which is part of gucid allocation. A damaged...

Next.js 安全漏洞

Next.js is a React framework open source by Vercel. Versions of Next.js from 16.0.1 to 16.1.7 had a security vulnerability. This vulnerability stemmed from treating origin: null as an absent source during server-side CSRF validation, which could lead to bypassing source verification and triggerin...

MiracleLinux 9 : valkey-8.0.7-1.el9_7 (AXSA:2026-259:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-259:02 advisory. Valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts CVE-2025-67733 valkey: Valkey: Denial of...

CVE-2026-22983

The CVE-2026-22983 entry refers to a Linux kernel issue where msg_get_inq was written in the callee, risking a NULL pointer dereference. The vulnerability is described as a kernel-internal variant of msghdr where callers reinitialize the field; fixing the write is intended to improve robustness a...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38167)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38167 advisory. - In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle hdrfirstde return value...

EUVD-2025-203332

In the Eclipse OMR compiler component, since release 0.7.0, an optimization enabled for Eclipse OpenJ9 consumers of OMR on Z processors incorrectly handles NUL 0x00 characters during the Latin-compatible charset UTF-8, ISO8859-1, ASCII, etc to IBM-1047/037 translation sequence. This can cause the...

Siemens SIMATIC S7-1500 Improper Check for Unusual or Exceptional Conditions (CVE-2019-19646)

pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integritycheck PRAGMA command in certain cases of generated columns. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

AZL-68454 CVE-2025-61912 affecting package python-ldap 3.4.0-1

python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, ldap.dn.escapednchars escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to...

EUVD-2022-3665

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the s390/sclp module not handling the NULL case before the SCCB presence check...

CVE-2024-0048

In Session of AccountManagerService.java, there is a possible method to retain foreground service privileges due to incorrect handling of null responses. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitatio...

CVE-2025-21921 net: ethtool: netlink: Allow NULL nlattrs when getting a phy_device

In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phydevice ethnlreqgetphydev is used to lookup a phydevice, in the case an ethtool netlink command targets a specific phydev within a netdev's topology. It takes as a...

Linux kernel 代码问题漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel that stems from the fecenetupdatecbd function not properly handling the return of NULL when calling...

CVE-2024-56702

In the Linux kernel, the following vulnerability has been resolved: bpf: Mark rawtp arguments with PTRMAYBENULL Arguments to a raw tracepoint are tagged as trusted, which carries the semantics that the pointer will be non-NULL. However, in certain cases, a raw tracepoint argument may end up being...

CVE-2024-56611

CVE-2024-56611 is a Linux kernel issue. The bug was in mm/mempolicy: migrate_to_node() assumed at least one VMA in a MM, leading to a NULL dereference if find_vma() returns NULL. The fix mitigates an oops/general protection fault (non-canonical address 0xdffffc0000000000) by properly handling NUL...

SUSE CVE-2024-50277

In the Linux kernel, the following vulnerability has been resolved: dm: fix a crash if blkallocdisk fails If blkallocdisk fails, the variable md-disk is set to an error value. cleanupmappeddevice will see that md-disk is non-NULL and it will attempt to access it, causing a crash on this statement...

CVE-2024-42125

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband We have some policy via BIOS to block uses of 6 GHz. In this case, 6 GHz sband will be NULL even if it is WiFi 7 chip. So, add NULL handling here to avoid...

DEBIAN-CVE-2024-42125

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband We have some policy via BIOS to block uses of 6 GHz. In this case, 6 GHz sband will be NULL even if it is WiFi 7 chip. So, add NULL handling here to avoid...