CVE-2026-46282

CVE-2026-46282 affects the Linux kernel IIO: frequency driver for admv1013. The root cause was a NULL/garbage pointer dereference when device_property_read_string() fails, leading to a dereference in strcmp. The fix consolidates the SE mode enums into a single sequential enum and replaces the man...

JLSEC-2026-590

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in ifcondition in modules/preprocs/nasm/nasm-pp.c...

JLSEC-2026-593

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasmexprcopyexcept in libyasm/expr.c...

JLSEC-2026-586

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in hash in modules/preprocs/nasm/nasm-pp.c...

JLSEC-2026-585

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in dodirective in modules/preprocs/nasm/nasm-pp.c...

JLSEC-2026-589

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in nasmparserdirective in modules/parsers/nasm/nasm-parse.c...

EUVD-2026-35033

A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL pointer dereference and crash the...

CVE-2026-3238

A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL pointer dereference and crash the...

CVE-2026-3238 Samba: denial of service against ad dc wins server

A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL pointer dereference and crash the...

CVE-2026-3238

A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL pointer dereference and crash the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from reuse and race conditions in the path of Bluetooth hciuart’s shutdown and initialization processe...

PT-2026-47376

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the rtw cbuf alloc function within the rtl8723bs staging driver. The issue occurs because the return value of kzalloc flex is used without verifying ...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a null pointer dereferencing in the admv1013 driver, potentially leading to system crashes...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a null pointer dereferencing in the rtwcbufalloc function within the staging rtl8723bs driver. Th...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the process of virtual device separation in genpd, and it may lead to null pointer dereferencing...

php security update

An update is available for php. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PHP is an HTML-embedded scripting language commonly used with the Apache HTTP...

RockyLinux 10 : php (RLSA-2026:23388)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:23388 advisory. PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting...

RHEL 10 : php (RHSA-2026:23388)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:23388 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via...

EulerOS Virtualization 2.12.1 : shim (EulerOS-SA-2026-2089)

According to the versions of the shim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impa...

RHEL 10 : php8.4 (RHSA-2026:22649)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22649 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also...