63117 matches found
OESA-2026-2190 compat-openssl11 security update
OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS12 file. Impact summary: An...
OESA-2026-2173 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: icmp: fix NULL pointer dereference in icmptagvalidation icmptagvalidation unconditionally dereferences the result of rcudereferenceinetprotosproto without checki...
PT-2026-36705
Name of the Vulnerable Software and Affected Versions Telegram Desktop versions prior to 6.7.6 Description A null pointer dereference a condition where a program attempts to read from a memory address that is null, typically causing a crash can be triggered remotely in the Bot API component. The...
Telegram Desktop 安全漏洞
Telegram Desktop is the desktop version of Telegram’s open-source instant messaging mobile application. Versions of Telegram Desktop prior to 6.7.5 contained a security vulnerability. This vulnerability stemmed from the function RequestButton in the Bot API component, specifically the handling of...
RUSTSEC-2026-0139 Null-pointer dereference and double-free via safe APIs
Two soundness violations exist in the Rust bindings for MetaCall: Null-pointer dereference: MetaCallFuture::newraw accepts a raw pointer without validation. The Debug impl calls Box::fromrawself.data on it. Passing a null pointer causes the Debug impl to construct a NonNull from null, producing...
Null-pointer dereference and double-free via safe APIs
Two soundness violations exist in the Rust bindings for MetaCall: Null-pointer dereference: MetaCallFuture::newraw accepts a raw pointer without validation. The Debug impl calls Box::fromrawself.data on it. Passing a null pointer causes the Debug impl to construct a NonNull from null, producing...
CVE-2026-6525 NULL Pointer Dereference in Wireshark
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4...
CVE-2026-6525 NULL Pointer Dereference in Wireshark
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4...
CVE-2026-6525
Wireshark CVE-2026-6525 refers to a crash in the IEEE 802.11 protocol dissector affecting Wireshark 4.6.0–4.6.4. The issue is a crash (not a memory-safety description) with a CVSSv3.1 base score of 5.5 (MEDIUM). Exploitation is described as LOCAL with user interaction required and impact limited ...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
CVE-2026-31431 AFALG AEAD Local Privilege Escalation Exploi...
CLSA-2026-1777544441 vim: Fix of 13 CVEs
CVE-2021-3796: fix use-after-free in nvreplace by getting the line pointer again after inscopychar may have released it - CVE-2021-3973: fix heap buffer overflow in findfileinpathoption by rejecting len == 0 inputs - CVE-2022-0413: fix use-after-free in dosub when the substitute string is a "="...
CLSA-2026-1777547052 openssl: Fix of CVE-2026-28389
CVE-2026-28389: fix NULL pointer dereference in dhcmssetsharedinfo and ecdhcmssetsharedinfo when the CMS KeyEncryptionAlgorithmIdentifier parameter field is omitted...
CLSA-2026-1777541147 squid34: Fix of 12 CVEs
CVE-2019-12525: fix heap buffer over-read in Digest auth parameter parsing - CVE-2018-1000027: fix NULL pointer dereference in X-Forwarded-For logging for internal transactions - CVE-2018-19131: escape certificate field injection via %D in ERRSECURECONNECTFAIL page - CVE-2018-19132: fix memory...
squid34: Fix of 12 CVEs
CVE-2019-12525: fix heap buffer over-read in Digest auth parameter parsing - CVE-2018-1000027: fix NULL pointer dereference in X-Forwarded-For logging for internal transactions - CVE-2018-19131: escape certificate field injection via %D in ERRSECURECONNECTFAIL page - CVE-2018-19132: fix memory...
CLSA-2026-1777464764 libxml2: Fix of 2 CVEs
CVE-2018-14404: fix NULL pointer dereference in xmlXPathCompOpEval when AND/OR operator operates on an empty XPath stack - CVE-2019-19956: fix memory leak in xmlParseBalancedChunkMemoryRecover when parsing NULL doc...
libxml2: Fix of 2 CVEs
CVE-2018-14404: fix NULL pointer dereference in xmlXPathCompOpEval when AND/OR operator operates on an empty XPath stack - CVE-2019-19956: fix memory leak in xmlParseBalancedChunkMemoryRecover when parsing NULL doc...
CLSA-2026-1777453146 ntp: Fix of 2 CVEs
CVE-2018-7185: unauthenticated packet with a zero-origin timestamp can reset an authenticated interleave association leading to denial of service. - CVE-2019-8936: NULL pointer dereference triggered by an authenticated mode 6 control packet with no value field...
ntp: Fix of 2 CVEs
CVE-2018-7185: unauthenticated packet with a zero-origin timestamp can reset an authenticated interleave association leading to denial of service. - CVE-2019-8936: NULL pointer dereference triggered by an authenticated mode 6 control packet with no value field...
Linux Distros Unpatched Vulnerability : CVE-2026-43013
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5: lag: Check for LAG device before creating debugfs mlx5lagdevaddmdev may return 0 success even when an error occurs that is handled gracefully...
openSUSE 16 Security Update : libssh (openSUSE-SU-2026:20647-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20647-1 advisory. - Update to version 0.11.4: - CVE-2026-0964: SCP Protocol Path Traversal in sshscppullrequest bsc1258049 - CVE-2026-0965: Possible Denial of...