Lucene search
+L

276 matches found

OSV
OSV
added 3 days ago3 views

CVE-2026-15352 NASA Core Flight System (cFS) Health & Safety (HS) Application NULL Pointer Dereference

A vulnerability exists in the Health & Safety HS application of NASA's Core Flight System cFS. The flaw allows the application to crash via segmentation fault when processing a routine Housekeeping Telemetry request, leading to denial of service...

8.2CVSS5.3AI score0.00358EPSS
Exploits0References5
OSV
OSV
added 2026/07/09 11:16 a.m.4 views

UBUNTU-CVE-2026-56288

GNU patch is vulnerable to a NULL pointer dereference when processing a specially crafted unified-diff patch file. Improper handling of consecutive end-of-file newline markers can corrupt internal hunk single block of changes in diff data structures, causing the application to pass a NULL pointer...

5.5CVSS6AI score0.00115EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/29 7:38 p.m.7 views

CVE-2026-56017

JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString XS.xs inspects the previous token's last byte to choose between a regexp literal and a...

7.5CVSS5.8AI score0.00488EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 7:38 p.m.6 views

CVE-2026-56017 JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash

JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString XS.xs inspects the previous token's last byte to choose between a regexp literal and a...

7.5CVSS5.9AI score0.00488EPSS
Exploits0References6
CVE
CVE
added 2026/06/29 7:38 p.m.25 views

CVE-2026-56017

JavaScript::Minifier::XS (Perl) is affected in versions before 0.16. The vulnerability arises when the first meaningful token is a slash; the JsTokenizeString logic examines the previous token and, with no valid preceding token, dereferences a NULL pointer, causing a crash. The public minify() AP...

7.5CVSS5.8AI score0.00488EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 5:40 a.m.8 views

BIT-ENVOY-2026-47221 Envoy: Null pointer deref in internal redirects

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.18.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the router filter contains a null pointer dereference vulnerability when handling HTTP 303 See Other internal redirects for body-less non-GET/HEAD requests...

7.5CVSS6AI score0.00445EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53313

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths In dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace. Both functions check: if !dcdmubsrv...

5.5CVSS6.1AI score0.001EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 7:10 a.m.3 views

SUSE-SU-2026:2641-1 Security update for apache2

This update for apache2 fixes the following issues Update to 2.4.66 jscPED-16334: Security issues: - CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. - CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. - CVE-2026-28780: heap buffer overflow in...

9.8CVSS6.6AI score0.01376EPSS
Exploits2References26
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Avoid NULL dereference of btusbmtkclaimisointf In the btusbmtksetup function, we set btmtkdata-isopktintf to: usbifnumtoifdata-udev, MTKISOIFNUM This function may return NULL in some cases. Even when...

5.6AI score0.00161EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/22 3:13 p.m.9 views

httpd: mod_authn_socache: NULL pointer dereference can cause a child process crash

A flaw was found in the modauthnsocache module of httpd. This vulnerability allows an unauthenticated remote user to crash a child process due to a NULL pointer dereference when the server is operating in a caching forward proxy configuration...

5.3CVSS5.9AI score0.00514EPSS
Exploits0References5
CVE
CVE
added 2026/06/17 3:27 p.m.35 views

CVE-2026-1288

The CVE-2026-1288 entry concerns Autodesk Revit. A maliciously crafted RFA file, when converted to FormIt via “Convert RFA to FormIt” in Revit, can trigger a NULL pointer dereference in the processing path. Exploitation may crash the application, resulting in a denial-of-service condition. The pr...

5.5CVSS5.3AI score0.00116EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/06/09 4:3 p.m.12 views

CVE-2026-42767

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

5.9CVSS5.5AI score0.00349EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/09 4:3 p.m.13 views

CVE-2026-42764

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

7.5CVSS5.5AI score0.00684EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.32 views

OpenSSL 1.1.1 < 1.1.1zh Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.1zh. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.1zh advisory. - Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption...

8.8CVSS6.9AI score0.02719EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.15 views

EulerOS Virtualization 2.12.0 : shim (EulerOS-SA-2026-2114)

According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impac...

7.5CVSS7.6AI score0.00844EPSS
Exploits1References2
OSV
OSV
added 2026/06/04 12:4 p.m.11 views

RLSA-2026:21433 Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd: modproxyajp: heap-based buffer over-read due to missing null-termination...

8.2CVSS6.3AI score0.01376EPSS
Exploits0References6
OSV
OSV
added 2026/06/01 12:0 a.m.28 views

ALSA-2026:22140 Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd:...

9.8CVSS7.3AI score0.04409EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.14 views

SUSE SLES15 Security Update : apache2 (SUSE-SU-2026:2103-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2103-1 advisory. This update for apache2 fixes the following issues - CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957....

9.8CVSS6.2AI score0.4581EPSS
Exploits18References34
NVD
NVD
added 2026/05/27 5:16 p.m.16 views

CVE-2025-70116

A NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 files, an unknown/invalid stsd entry can result in missing descriptor fields e.g., codec/mime/profile strings. gfmediamapesd then calls strlen on a NULL pointer, triggering a crash ASan SEGV...

4.3CVSS0.00407EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in evolution-data-server

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client by dereferencing a NULL pointer, by sending an invalid e.g., minimal CAPABILITY line during a connection attempt. This issue is related to the imapxfreecapability and imapxconnecttoserver functions...

5.9CVSS6.9AI score0.02123EPSS
Exploits1References1
Rows per page
Query Builder