Lucene search
K

272 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race The function sgremovesfpusercontext must not use sgdeviceDestroy after calling scsidevicePut. sgdeviceDestroy accesses the parent scsidevice request queue, which will already be set to NULL...

4.7CVSS6.2AI score0.00227EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/09 1:16 a.m.9 views

CVE-2026-6666

A possible null pointer reference in PgBouncer before 1.25.2 could lead to a crash, if a server sends an error response without SQLSTATE field...

7.5CVSS5.8AI score0.00369EPSS
Exploits0References2
NVD
NVD
added 2026/05/01 6:16 p.m.8 views

CVE-2026-35233

An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range shlink field. When root-level dtrace attaches to -- or instruments -- that process via dtrace -p , pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cach...

4.4CVSS0.00108EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.8 views

Juniper Junos OS Multiple Vulnerabilities (JSA82973)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA82973 advisory. - Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root...

7.8CVSS7.3AI score0.40002EPSS
Exploits10References14
UbuntuCve
UbuntuCve
added 2026/04/24 3:16 p.m.7 views

CVE-2026-31562

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dsi: Store driver data before invoking mipidsihostregister The call to mipidsihostregister triggers a callback to mtkdsibind, which uses devgetdrvdata to retrieve the mtkdsi struct, so this structure needs to be...

5.5CVSS5.3AI score0.00121EPSS
Exploits0References5
CVE
CVE
added 2026/04/24 2:35 p.m.24 views

CVE-2026-31562

Summary: CVE-2026-31562 affects the Linux kernel DRM/mediatek DSI driver. A local attacker could trigger a NULL pointer dereference due to an uninitialized drvdata being read during mipi_dsi_host_register, causing a crash in mediatek-drm probe and blocking subsequent DRM operations. The fixed beh...

5.5CVSS5.3AI score0.00121EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.13 views

PT-2026-34914

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/mediatek component where driver data is not stored before the mipi dsi host register function is invoked. This causes the mtk dsi bind function to attempt to...

7.8CVSS6AI score0.00164EPSS
Exploits0References144
EUVD
EUVD
added 2026/04/22 3:31 p.m.6 views

EUVD-2026-24841

In the Linux kernel, the following vulnerability has been resolved: tracing: Drain deferred trigger frees if kthread creation fails Boot-time trigger registration can fail before the trigger-data cleanup kthread exists. Deferring those frees until late init is fine, but the post-boot fallback mus...

5.6AI score0.00107EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/17 6:38 p.m.11 views

CVE-2026-28224 Firebird Null Pointer Dereference via CryptCallback causes DOS

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when the server receives an opcryptkeycallback packet without prior authentication, the portservercryptcallback handler is not initialized, resulting in a null pointer dereference and...

8.2CVSS5.7AI score0.00465EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/30 8:11 p.m.18 views

CVE-2026-32696 NanoMQ HTTP Auth: Missing username/password can trigger a NULL-pointer strlen() in auth_http.c:set_data(), causing a process crash — SIGSEGV, remotely triggerable

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In NanoMQ version 0.24.6, after enabling auth.httpauth HTTP authentication, when a client connects to the broker using MQTT CONNECT without providing username/password, and the configuration params uses the placeholders %u / %P...

3.1CVSS0.00399EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/03/20 12:24 a.m.5 views

SUSE CVE-2026-31973

SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the cramdecodecompressionheader was missing. If the function returned ...

7.5CVSS5.8AI score0.00523EPSS
Exploits0References3
NVD
NVD
added 2026/03/18 7:16 p.m.5 views

CVE-2026-31964

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. While most alignment records store DNA sequence and quality values, the format also allows them to om...

7.5CVSS0.00322EPSS
Exploits0References2
Amazon
Amazon
added 2026/03/06 12:0 a.m.5 views

Low: aide

Issue Overview: AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute...

6.2CVSS5.8AI score0.00216EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005637)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005637 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that...

5.5CVSS5.9AI score0.00153EPSS
Exploits0References4
NVD
NVD
added 2026/02/04 8:16 p.m.14 views

CVE-2025-68699

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, NanoMQ has a protocol parsing / forwarding inconsistency when handling shared subscriptions $share/. A malformed SUBSCRIBE topic such as $share/ab missing the second / is not strictly validated during the...

6.5CVSS0.00264EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/04 7:25 p.m.41 views

CVE-2025-68699 NanoMQ $share/ Subscription Validation and Forwarding Parsing Inconsistency: NULL Pointer Increment Causes Crash

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, NanoMQ has a protocol parsing / forwarding inconsistency when handling shared subscriptions $share/. A malformed SUBSCRIBE topic such as $share/ab missing the second / is not strictly validated during the...

6.5CVSS0.00264EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/02/04 4:0 p.m.5 views

CVE-2026-23041

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix NULL pointer crash in bnxtptpenable during error cleanup When bnxtinitone fails during initialization e.g., bnxtinitintmode returns -ENODEV, the error path calls bnxtfreehwrmresources which destroys the DMA pool and...

5.3AI score0.00145EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005167)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005167 advisory. In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: always recalculate features after XDP clearing, fix null-deref Recalculate features wh...

5.5CVSS5.8AI score0.00208EPSS
Exploits0References4
NVD
NVD
added 2026/01/23 4:15 p.m.7 views

CVE-2026-22985

In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations The RSS LUT is not initialized until the interface comes up, causing the following NULL pointer crash when ethtool operations like rxhash on/off are performed befor...

5.5CVSS0.00115EPSS
Exploits0References3
OSV
OSV
added 2026/01/23 3:24 p.m.6 views

CVE-2026-22985 idpf: Fix RSS LUT NULL pointer crash on early ethtool operations

In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations The RSS LUT is not initialized until the interface comes up, causing the following NULL pointer crash when ethtool operations like rxhash on/off are performed befor...

5.5CVSS5.4AI score0.00115EPSS
Exploits0References6
Rows per page
Query Builder