QNAP qts 异常处理不当漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. There are code-related vulnerabilities in QNAP Systems QTS and QNAP Systems QuTS hero, which stem from null pointer...

QNAP qts 异常处理不当漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. There are code-related vulnerabilities in QNAP Systems QTS and QNAP Systems QuTS hero, which stem from null pointer...

QNAP file station 异常处理不当漏洞

QNAP Systems File Station 6 is a file management software developed by QNAP Systems, a company based in Taiwan, China. There is a code vulnerability in QNAP Systems File Station 6, which stems from a null pointer dereferencing. This vulnerability could allow remote attackers to launch a...

PT-2026-48358

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

Linux Distros Unpatched Vulnerability : CVE-2026-42766

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointe...

EulerOS 2.0 SP13 : expat (EulerOS-SA-2026-2285)

According to the versions of the expat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.CVE-2026-32778...

Linux Distros Unpatched Vulnerability : CVE-2026-46305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded...

Linux Distros Unpatched Vulnerability : CVE-2026-46310

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: renesas: vsp1: Fix NULL pointer deref on module unload When unloading the module on gen 4, we hit a NULL pointer dereference. This is caused by the clean...

PT-2026-48572

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.13-50 ImageMagick versions prior to 7.1.2-25 Description A null pointer dereference occurs when incorrect arguments are passed during the distort operation. A null pointer dereference is a situation where a...

EulerOS 2.0 SP13 : expat (EulerOS-SA-2026-2328)

According to the versions of the expat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.CVE-2026-32778...

ImageMagick 代码问题漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. There were code-related vulnerabilities in versions of ImageMagick prior to 6.9.13-50 and 7.1.2-25. These vulnerabilities stemmed from...

EulerOS 2.0 SP13 : binutils (EulerOS-SA-2026-2280)

According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of- bounds read in the bfd linker, allows a...

Linux Distros Unpatched Vulnerability : CVE-2026-42767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact...

UBUNTU-CVE-2026-9752

An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-winding polygons are intentionally unsupported for indexing, but the guard that rejects them does not...

CVE-2026-9752 GeometryCollection with strict-winding polygon causes server crash during 2dsphere index key generation

An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-winding polygons are intentionally unsupported for indexing, but the guard that rejects them does not...

CVE-2026-9752

MongoDB CVE-2026-9752 describes a vulnerability where an authorized user can trigger a server crash by executing a query that builds a 2dsphere index on a field containing a GeoJSON GeometryCollection with a Polygon that uses a strict-winding CRS. The underlying issue is that while strict-winding...

GeometryCollection with strict-winding polygon causes server crash during 2dsphere index key generation

An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-winding polygons are intentionally unsupported for indexing, but the guard that rejects them does not...

CVE-2025-55651

A NULL pointer dereference in the gfisomgetuserdatacount function isomedia/isomread.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

CVE-2025-55657

A NULL pointer dereference in the gfodfvvccfgwritebs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

CVE-2025-55659

A NULL pointer dereference in the cttsboxwrite function isomedia/boxcodebase.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...