Linux Distros Unpatched Vulnerability : CVE-2026-45874

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phy: freescale: imx8qm-hsio: fix NULL pointer dereference During the probe the refclkpad pointer is set to NULL if the 'fsl,refclk-pad-mode' property is not...

Linux Distros Unpatched Vulnerability : CVE-2025-71313

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: endpoint: Add missing NULL check for allocworkqueue allocworkqueue can return NULL on memory allocation failure. Without proper error checking, this may le...

AlmaLinux 9 : compat-openssl11 (ALSA-2026:22313)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:22313 advisory. openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing CVE-2026-28390 Tenable has extracted the preceding description...

Linux Distros Unpatched Vulnerability : CVE-2026-46034

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vfio/cdx: Fix NULL pointer dereference in interrupt trigger path Add validation to ensure MSI is configured before accessing cdxirqs array in...

Oracle Linux 8 : compat-openssl10 (ELSA-2026-22315)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-22315 advisory. 1.1.0.2o-4.2 - Fixes CVE-2026-28390: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing Resolves: RHEL-165754 Tenable has...

CVE-2025-60477

A NULL pointer dereference in the gffilterpidresolvefiletemplateex function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

PT-2026-46032

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the k230 pinctrl driver during the probing process when parsing the devicetree. The issue arises within the k230 pinctrl parse functions function,...

Linux Distros Unpatched Vulnerability : CVE-2025-71308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aiedestroycontext is invoked during error handling in aie2createcontext. However,...

Linux Distros Unpatched Vulnerability : CVE-2025-71307

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix NULL pointer dereference on panthorfwunplug This patch removes the MCU halt...

Linux Distros Unpatched Vulnerability : CVE-2026-45966

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL pointer dereference in unixneedsrevalidation When receiving file...

CVE-2025-60477

A NULL pointer dereference in the gffilterpidresolvefiletemplateex function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

PT-2026-45933

A NULL pointer dereference in the gf filter pid resolve file template ex function /filter core/filter pid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

CVE-2025-60477

A NULL pointer dereference in the gffilterpidresolvefiletemplateex function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

Linux Distros Unpatched Vulnerability : CVE-2026-10298

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2. This vulnerability affects the function whispermodelload of the file ggml/src/ggml.c. T...

PT-2026-46024

In the Linux kernel, the following vulnerability has been resolved: spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcm fiu probe platform get resource byname can return NULL, which would cause a crash when passed the pointer to resource size. Move the fiu-memory size assignment after t...

CVE-2025-60477

Summary: CVE-2025-60477 arises from a NULL pointer dereference in GPAC Project/MP4Box, specifically in the function gf_filter_pid_resolve_file_template_ex (file: filter_core/filter_pid.c). The issue affects MP4Box builds prior to version 26.02.0 and allows an attacker to cause a Denial of Service...

PT-2026-46008

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference exists in the AMD display Hot Plug Detect HPD initialization. The function amdgpu dm hpd init may encounter connectors that lack a valid dc link. While the cod...

Linux Distros Unpatched Vulnerability : CVE-2026-46118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pseries/papr-hvpipe: Fix null ptr deref in paprhvpipedevcreatehandle commit 6d3789d347a7 papr- hvpipe: convert paprhvpipedevcreatehandle to FDPREPARE, changed t...

MiracleLinux 8 : php:8.2 (AXSA:2026-752:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-752:01 advisory. PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting...

CVE-2025-60477

A NULL pointer dereference in the gffilterpidresolvefiletemplateex function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...