Lucene search
K

272 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in evolution-data-server

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client by dereferencing a NULL pointer, by sending an invalid e.g., minimal CAPABILITY line during a connection attempt. This issue is related to the imapxfreecapability and imapxconnecttoserver functions...

5.9CVSS6.9AI score0.02123EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Avoid NULL dereference of btusbmtkclaimisointf In the btusbmtksetup function, we set btmtkdata-isopktintf to: usbifnumtoifdata-udev, MTKISOIFNUM This function may return NULL in some cases. Even when...

5.6AI score0.00155EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/09 1:16 a.m.8 views

CVE-2026-6666

A possible null pointer reference in PgBouncer before 1.25.2 could lead to a crash, if a server sends an error response without SQLSTATE field...

7.5CVSS5.8AI score0.00369EPSS
Exploits0References2
NVD
NVD
added 2026/05/01 6:16 p.m.8 views

CVE-2026-35233

An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range shlink field. When root-level dtrace attaches to -- or instruments -- that process via dtrace -p , pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cach...

4.4CVSS0.00108EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.8 views

Juniper Junos OS Multiple Vulnerabilities (JSA82973)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA82973 advisory. - Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root...

7.8CVSS7.3AI score0.40002EPSS
Exploits10References14
UbuntuCve
UbuntuCve
added 2026/04/24 3:16 p.m.7 views

CVE-2026-31562

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dsi: Store driver data before invoking mipidsihostregister The call to mipidsihostregister triggers a callback to mtkdsibind, which uses devgetdrvdata to retrieve the mtkdsi struct, so this structure needs to be...

5.5CVSS5.3AI score0.00121EPSS
Exploits0References5
CVE
CVE
added 2026/04/24 2:35 p.m.24 views

CVE-2026-31562

Summary: CVE-2026-31562 affects the Linux kernel DRM/mediatek DSI driver. A local attacker could trigger a NULL pointer dereference due to an uninitialized drvdata being read during mipi_dsi_host_register, causing a crash in mediatek-drm probe and blocking subsequent DRM operations. The fixed beh...

5.5CVSS5.3AI score0.00121EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.13 views

PT-2026-34914

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/mediatek component where driver data is not stored before the mipi dsi host register function is invoked. This causes the mtk dsi bind function to attempt to...

7.8CVSS6AI score0.00164EPSS
Exploits0References144
EUVD
EUVD
added 2026/04/22 3:31 p.m.6 views

EUVD-2026-24841

In the Linux kernel, the following vulnerability has been resolved: tracing: Drain deferred trigger frees if kthread creation fails Boot-time trigger registration can fail before the trigger-data cleanup kthread exists. Deferring those frees until late init is fine, but the post-boot fallback mus...

5.6AI score0.00107EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/17 6:38 p.m.11 views

CVE-2026-28224 Firebird Null Pointer Dereference via CryptCallback causes DOS

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when the server receives an opcryptkeycallback packet without prior authentication, the portservercryptcallback handler is not initialized, resulting in a null pointer dereference and...

8.2CVSS5.7AI score0.00465EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/30 8:11 p.m.17 views

CVE-2026-32696 NanoMQ HTTP Auth: Missing username/password can trigger a NULL-pointer strlen() in auth_http.c:set_data(), causing a process crash — SIGSEGV, remotely triggerable

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In NanoMQ version 0.24.6, after enabling auth.httpauth HTTP authentication, when a client connects to the broker using MQTT CONNECT without providing username/password, and the configuration params uses the placeholders %u / %P...

3.1CVSS0.00399EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/03/20 12:24 a.m.5 views

SUSE CVE-2026-31973

SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the cramdecodecompressionheader was missing. If the function returned ...

7.5CVSS5.8AI score0.00523EPSS
Exploits0References3
NVD
NVD
added 2026/03/18 7:16 p.m.4 views

CVE-2026-31964

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. While most alignment records store DNA sequence and quality values, the format also allows them to om...

7.5CVSS0.00322EPSS
Exploits0References2
Amazon
Amazon
added 2026/03/06 12:0 a.m.5 views

Low: aide

Issue Overview: AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute...

6.2CVSS5.8AI score0.00216EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005637)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005637 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that...

5.5CVSS5.9AI score0.00153EPSS
Exploits0References4
NVD
NVD
added 2026/02/04 8:16 p.m.14 views

CVE-2025-68699

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, NanoMQ has a protocol parsing / forwarding inconsistency when handling shared subscriptions $share/. A malformed SUBSCRIBE topic such as $share/ab missing the second / is not strictly validated during the...

6.5CVSS0.00264EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/04 7:25 p.m.36 views

CVE-2025-68699 NanoMQ $share/ Subscription Validation and Forwarding Parsing Inconsistency: NULL Pointer Increment Causes Crash

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, NanoMQ has a protocol parsing / forwarding inconsistency when handling shared subscriptions $share/. A malformed SUBSCRIBE topic such as $share/ab missing the second / is not strictly validated during the...

6.5CVSS0.00264EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/02/04 4:0 p.m.5 views

CVE-2026-23041

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix NULL pointer crash in bnxtptpenable during error cleanup When bnxtinitone fails during initialization e.g., bnxtinitintmode returns -ENODEV, the error path calls bnxtfreehwrmresources which destroys the DMA pool and...

5.3AI score0.00145EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005167)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005167 advisory. In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: always recalculate features after XDP clearing, fix null-deref Recalculate features wh...

5.5CVSS5.8AI score0.00208EPSS
Exploits0References4
NVD
NVD
added 2026/01/23 4:15 p.m.7 views

CVE-2026-22985

In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations The RSS LUT is not initialized until the interface comes up, causing the following NULL pointer crash when ethtool operations like rxhash on/off are performed befor...

5.5CVSS0.00115EPSS
Exploits0References3
Rows per page
Query Builder