31659 matches found
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...
CVE-2026-10659
The CVE concerns Zephyr’s Dhara FTL disk driver (drivers/disk/ftl_dhara.c). On flash read errors, the driver previously wrote error codes unconditionally to a caller-supplied err pointer, and the journal-resume path forwarded NULL into dhara_nand_read(), causing a NULL dereference during disk ini...
RLSA-2026:34109 Important: httpd security, bug fix, and enhancement update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: incomplete fix for CVE-2023-38709 CVE-2024-42516 httpd: NULL pointer dereference via specially crafted request CVE-2026-29169 httpd: Apache HTTP Server: Heap-based Buffer...
CVE-2026-50810
The CVE-2026-50810 entry affects GPAC: a NULL pointer dereference in smooth_parse_stream_index() within src/media_tools/mpd.c on GPAC master HEAD prior to commit b35c61f104b85fbb16520ac2838d5d2ef70845b5, allowing a denial of service. Affected component is the MPD parsing path; root cause is deref...
CVE-2026-48267
DNG SDK versions 1.7.1 2536 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue...
EUVD-2026-41920
DNG SDK versions 1.7.1 2536 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue...
DEBIAN-CVE-2026-14790
A flaw has been found in GPAC 26.02.0. This affects the function nhmldumpsendframe of the file src/filters/writenhml.c of the component Media File Handler. Executing a manipulation can lead to null pointer dereference. The attack requires local access. The exploit has been published and may be...
CVE-2026-38976
CVE-2026-38976 affects mrubyc up to version 3.4.1, with a NULL pointer dereference in src/vm.c (op_super/OP_SUPER) caused by a missing runtime guard for top-level super. Impact aligns with CVSS v3.1: HIGH (availability impact, no confidentiality/integrity impact). Connected documents consistently...
CVE-2026-38976
mrubyc through 3.4.1 was found to contain a NULL pointer dereference in src/vm.c in opsuper / OPSUPER due to a missing runtime guard for top-level super...
Ubuntu 24.04 LTS : Linux kernel (Xilinx) vulnerabilities (USN-8499-1)
"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8499-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...
CVE-2026-13084
A null pointer dereference vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to create a denial-of-service DoS condition by sending specially crafted IKEv2 messages. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using...
CVE-2026-12166 CVE-2026-12166
A NULL pointer dereference vulnerability for driver GFACSysx64.sys in Little Orbit GFAC allows a local attacker to cause a denial of service via crafted requests that trigger a system crash...
CVE-2026-12166 CVE-2026-12166
A NULL pointer dereference vulnerability for driver GFACSysx64.sys in Little Orbit GFAC allows a local attacker to cause a denial of service via crafted requests that trigger a system crash...
CVE-2026-12166
CVE-2026-12166 concerns a NULL pointer dereference in the Little Orbit GFAC driver GFAC_Sys_x64.sys that allows a local attacker to crash the system (DoS) via crafted requests. Related entries for the same GFAC driver describe additional local‑privilege/privilege‑escalation vectors: CVE-2026-1216...
EUVD-2026-41377
A NULL pointer dereference vulnerability for driver GFACSysx64.sys in Little Orbit GFAC allows a local attacker to cause a denial of service via crafted requests that trigger a system crash...
EUVD-2026-41219
A NULL pointer dereference in the AP4AtomSampleTable::GetSample function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...
Linux Distros Unpatched Vulnerability : CVE-2026-53339
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i2c: qcom-cci: Fix NULL pointer dereference in cciremove On all modern platforms Qualcomm CCI controller provides two I2C masters, and on particular boards only...
Linux Distros Unpatched Vulnerability : CVE-2026-53337
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: bonding: fix NULL pointer dereference in bonddoioctl In bonddoioctl, slavedev is obtained via devgetbyname which can return NULL if the requested interfac...
UBUNTU-CVE-2026-53337
In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL pointer dereference in bonddoioctl In bonddoioctl, slavedev is obtained via devgetbyname which can return NULL if the requested interface name does not exist. However, the subsequent slavedbg call is placed...
UBUNTU-CVE-2026-53335
In the Linux kernel, the following vulnerability has been resolved: mm/damon/lrusort: handle ctx allocation failure DAMONLRUSORT allocates the damonctx object for its kdamond in its init function. damonlrusortenabledstore wrongly assumes the allocation will always succeed once tried. If the...