31622 matches found
CVE-2026-42767
Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...
USN-8414-1: OpenSSL vulnerabilities
Frank Buss discovered that OpenSSL had a heap buffer over-read in ASN.1 content parsing. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or obtain sensitive information. CVE-2026-34180 Pavol Zacik and Alex Gaynor discovered that OpenSSL...
USN-8414-1 openssl vulnerabilities
Frank Buss discovered that OpenSSL had a heap buffer over-read in ASN.1 content parsing. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or obtain sensitive information. CVE-2026-34180 Pavol Zacik and Alex Gaynor discovered that OpenSSL...
CVE-2026-42903
Windows Kerberos in Windows is affected by CVE-2026-42903, a null pointer dereference that can be exploited by an authorized attacker over the network to cause a denial of service. The CVSS data indicates network access with low attack complexity, low privileges required, no user interaction, and...
EUVD-2026-35592
Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network...
CVE-2026-42766
The CVE-2026-42766 entry documents a NULL pointer dereference in OpenSSL’s CMS decryption for password-based CMS messages. Specifically, PasswordRecipientInfo.keyDerivationAlgorithm is OPTIONAL and may be absent; OpenSSL’s CMS decryption dereferences this field without checking, triggering an app...
CVE-2025-55651
CVE-2025-55651 describes a NULL pointer dereference in GPAC MP4Box v2.4, within gf_isom_get_user_data_count (isomedia/isom_read.c). The vulnerability can cause a Denial of Service when processing a crafted MP4 file. The connected sources confirm a PoC exists, but no specific patch/version or reme...
PT-2026-48159
Name of the Vulnerable Software and Affected Versions GPAC MP4Box version 2.4 Description A NULL pointer dereference occurs in the gf isom get user data count function within the isomedia/isom read.c file. This issue allows attackers to cause a Denial of Service DoS, which is a condition where a...
PT-2026-47882
Name of the Vulnerable Software and Affected Versions Windows Kerberos affected versions not specified Description A null pointer dereference in Windows Kerberos allows an authorized attacker to cause a denial of service over a network. A null pointer dereference occurs when a program attempts to...
CVE-2025-55651
A NULL pointer dereference in the gfisomgetuserdatacount function isomedia/isomread.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
OpenSSL 代码问题漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...
MongoDB Server 代码问题漏洞
MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a code vulnerability in MongoDB Server, which stems from the 2dsphere...
MongoDB Server 代码问题漏洞
MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. Version 8.0 of MongoDB Server contains a code vulnerability. This vulnerability...
GPAC MP4Box 代码问题漏洞
GPAC MP4Box is a open-source multimedia packager from GPAC. It is primarily used for processing ISOBMF files such as MP4 and 3GP, but it can also be used for importing/exporting media from container files like AVI, MPG, MKV, and MPEG-2 TS. Version 2.4 of GPAC MP4Box has a code vulnerability cause...
PT-2026-47834
Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description A NULL pointer dereference occurs in the OpenSSL QUIC server when receiving a QUIC initial packet containing an invalid or expired token. This issue is triggered specifically when address...
PT-2026-47837
Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description A NULL pointer dereference can occur in a CMP client application when processing a crafted CMP response. An attacker controlling a CMP server or acting as a man-in-the-middle can send a CRMF...
CVE-2025-55657
A NULL pointer dereference in the gfodfvvccfgwritebs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
PT-2026-48141
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this...
CVE-2025-55657
GPAC MP4Box v2.4 is affected by a NULL pointer dereference in the gf_odf_vvc_cfg_write_bs function (odf/descriptors.c), leading to Denial of Service when processing a crafted MP4 file. The issue’s root cause is in the handling of ODF VVC descriptor writes; exploitation details are not provided in...
PT-2026-47835
Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a self-signed trusted anchor, crashing the process. Impact summary: A NULL pointer dereference can...