272 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-38220
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: only dirty folios when data journaling regular files fstest generic/388 occasionally...
Linux Distros Unpatched Vulnerability : CVE-2024-26874
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/mediatek: Fix a null pointer crash in mtkdrmcrtcfinishpageflip It's possible that mtkcrtc-event is NULL in mtkdrmcrtcfinishpageflip. pendingneedsvblank valu...
Linux Distros Unpatched Vulnerability : CVE-2021-46964
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Reserve extra IRQ vectors Commit a6dcfe08487e scsi: qla2xxx: Limit interrupt...
Linux Distros Unpatched Vulnerability : CVE-2025-37755
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: libwx: handle pagepooldevallocpages error pagepooldevallocpages could return NULL. Ther...
Linux Distros Unpatched Vulnerability : CVE-2022-49228
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decltag bug when tagging a function syzbot reported a btf decltag bug with...
CVE-2025-47808
In GStreamer through 1.26.1, the subparse plugin's tmplayerparseline function may dereference a NULL pointer while parsing a subtitle file, leading to a crash...
CVE-2025-53011
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...
CVE-2025-53011 MaterialX is Vulnerable to NULL Pointer Dereference due to Unchecked implGraphOutput
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...
CVE-2025-53010 MaterialX's unchecked nodeGraph->getOutput return is vulnerable to NULL Pointer Dereference
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...
CVE-2025-48073 OpenEXR ScanLineProcess::run_fill NULL Pointer Write In "reduceMemory" Mode
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, when reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a...
SUSE CVE-2024-38536
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A memory allocation failure due to http.memcap being reached leads to a NULL-ptr reference leading to a crash. Upgrade to 7.0.6...
CVE-2025-38442 block: reject bs > ps block devices when THP is disabled
In the Linux kernel, the following vulnerability has been resolved: block: reject bs ps block devices when THP is disabled If THP is disabled and when a block device with logical block size page size is present, the following null ptr deref panic happens during boot: 13.2 mK AOSAN: null-ptr-deref...
DEBIAN-CVE-2025-38420
In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports 1, 2 crashes caused by an attempts to ping the device which has failed to load firmware. Since such a device doesn't pass 'ieee80211registerhw...
DEBIAN-CVE-2025-38387
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Initialize objevent-objsublist before xainsert The objevent may be loaded immediately after inserted, then if the listhead is not initialized then we may get a poisonous pointer. This fixes the crash below: mlx5core...
Azure Linux 3.0 Security Update: glibc (CVE-2024-33600)
The version of glibc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-33600 advisory. - nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's nscd cache fails to add...
SUSE CVE-2025-38299
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMPDUMMY ETDM2INBE and ETDM1OUTBE are defined as COMPEMPTY, in the case the codec dainame will be null. Avoid a crash if the device tree is not assigning a codec to these links...
CVE-2025-38186
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix double invocation of bnxtulpstop/bnxtulpstart Before the commit under the Fixes tag below, bnxtulpstop and bnxtulpstart were always invoked in pairs. After that commit, the new bnxtulprestart can be invoked after...
DEBIAN-CVE-2025-53603
In Alinto SOPE SOGo 2.0.2 through 5.12.2, sope-core/NGExtensions/NGHashMap.m allows a NULL pointer dereference and SOGo crash via a request in which a parameter in the query string is a duplicate of a parameter in the POST body...
SUSE CVE-2022-50075
In the Linux kernel, the following vulnerability has been resolved: tracing/eprobes: Have event probes be consistent with kprobes and uprobes Currently, if a symbol "@" is attempted to be used with an event probe eprobes, it will cause a NULL pointer dereference crash. Both kprobes and uprobes ca...
DEBIAN-CVE-2022-50218
In the Linux kernel, the following vulnerability has been resolved: iio: light: isl29028: Fix the warning in isl29028remove The driver use the non-managed form of the register function in isl29028remove. To keep the release order as mirroring the ordering in probe, the driver should use non-manag...