CVE-2026-21288

Illustrator versions 29.8.3, 30.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user...

CVE-2026-21288

Adobe Illustrator version 29.8.3, 30.0 and earlier is affected by a NULL Pointer Dereference that can crash the application and cause denial-of-service; exploitation requires a user to open a malicious file. Connected advisories confirm fixes have been released (APSB26-03) with updates to address...

CVE-2026-21288 Illustrator | NULL Pointer Dereference (CWE-476)

Illustrator versions 29.8.3, 30.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user...

CVE-2026-20875

Null pointer dereference in Windows Local Security Authority Subsystem Service LSASS allows an unauthorized attacker to deny service over a network...

CVE-2026-20875

Null pointer dereference in Windows Local Security Authority Subsystem Service LSASS allows an unauthorized attacker to deny service over a network...

AZL-74369 CVE-2025-71083 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Avoid NULL pointer deref for evicted BOs It is possible for a BO to exist that is not currently associated with a resource, e.g. because it has been evicted. When devcoredump tries to read the contents of all BOs for...

CVE-2025-68818

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...

CVE-2025-68820

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...

AZL-74459 CVE-2025-68797 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: char: applicom: fix NULL pointer dereference in acioctl Discovered by Atuin - Automated Vulnerability Discovery Engine. In acioctl, the validation of IndexCard and the check for a valid RamIO pointer are skipped when cmd is 6...

CVE-2025-68820

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...

CVE-2025-68818

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...

Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability

Null pointer dereference in Windows Local Security Authority Subsystem Service LSASS allows an unauthorized attacker to deny service over a network...

CVE-2025-71083

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Avoid NULL pointer deref for evicted BOs It is possible for a BO to exist that is not currently associated with a resource, e.g. because it has been evicted. When devcoredump tries to read the contents of all BOs for...

CVE-2025-71083 drm/ttm: Avoid NULL pointer deref for evicted BOs

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Avoid NULL pointer deref for evicted BOs It is possible for a BO to exist that is not currently associated with a resource, e.g. because it has been evicted. When devcoredump tries to read the contents of all BOs for...

CVE-2025-68820

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...

CVE-2025-68820 ext4: xattr: fix null pointer deref in ext4_raw_inode()

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...

CVE-2025-68797

In the Linux kernel, the following vulnerability has been resolved: char: applicom: fix NULL pointer dereference in acioctl Discovered by Atuin - Automated Vulnerability Discovery Engine. In acioctl, the validation of IndexCard and the check for a valid RamIO pointer are skipped when cmd is 6...

CVE-2025-68776 net/hsr: fix NULL pointer dereference in prp_get_untagged_frame()

In the Linux kernel, the following vulnerability has been resolved: net/hsr: fix NULL pointer dereference in prpgetuntaggedframe prpgetuntaggedframe calls pskbcopy to create frame-skbstd but doesn't check if the allocation failed. If pskbcopy returns NULL, skbclone is called with a NULL pointer,...

CVE-2025-68776

CVE-2025-68776 affects the Linux kernel path in net/hsr where prp_get_untagged_frame() uses __pskb_copy() to build frame->skb_std. If __pskb_copy() returns NULL (allocation failure), skb_clone() is called on NULL, causing a crash (general protection fault) as described in the CVE description. ...

Astra Linux – Vulnerability in docker.io-app

Moby v25.0.0 – v26.0.2 is vulnerable to NULL Pointer Dereference attacks through the daemon/images/imagehistory.go module...