63168 matches found
gstreamer1 -- multiple vulnerabilities
The GStreamer project reports multiple security vulnerabilities fixed in the 1.28.2 release: Several security vulnerabilities were addressed, including: H.264 video parser NULL pointer dereference when freeing SPS/MVC data. Integer overflows in the AV1 LEB128 parser, H.266/VVC video parser, and W...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the archiveaclfromtextnl function. An attacker can cause applications to crash by supplying a specially crafted archive containing a malformed ACL string. Remediation There is no fixed version for libarchive...
OpenSSL Security Advisory 20260407
OpenSSL Security Advisory 20260407 - Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigge...
PT-2026-31038
Name of the Vulnerable Software and Affected Versions OpenSSL versions 3.0 through 3.6 Description Processing a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo can lead to a NULL pointer dereference. This can cause applications that process attacker-controlled CMS data to crash befor...
OpenSSL 安全漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...
OpenSSL 安全漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...
OpenSSL 安全漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team that enables the implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure has...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-006567)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006567 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Grab sasdev lock when traversing the members of sasdev.list When freeing slots in...
OpenSSL 1.0.2 < 1.0.2zp Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 1.0.2zp. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.2zp advisory. - Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereferenc...
Linux Distros Unpatched Vulnerability : CVE-2026-28389
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary:...
Linux Distros Unpatched Vulnerability : CVE-2026-28388
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number...
Linux Distros Unpatched Vulnerability : CVE-2026-5745
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function...
SUSE SLES15 Security Update : kernel RT (Live Patch 9 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:1187-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1187-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.31 fixes various security issues The following security issues were fixed: -...
VMware Workstation 17.x, 25H2 < 25H2u1 NULL Pointer Dereference (VMSA-2026-0002)
The version of VMware Workstation installed on the remote host is 17.x, 25H2.x prior to 25H2u1. It is, therefore, affected by a vulnerability: - A malicious actor with authenticated user privileges on a Windows based Workstation host may be able to cause a null pointer dereference error...
Linux Distros Unpatched Vulnerability : CVE-2026-23433
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: armmpam: Fix null pointer dereference when restoring bandwidth counters When an MSC supporti...
Linux Distros Unpatched Vulnerability : CVE-2026-23435
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - perf/x86: Move event pointer setup earlier in x86pmuenable A production AMD EPYC system crashed with a NULL pointer dereference in the PMU NMI handler: BUG:...
kernel: Linux kernel: Denial of Service in ice driver due to race condition during VSI rebuild
A flaw was found in the Linux kernel's ice network driver. A local attacker could exploit a race condition during the Virtual Station Interface VSI rebuild process. This flaw occurs when the Precision Time Protocol PTP periodic work attempts to access uninitialized memory, leading to a NULL point...
kernel: nouveau: fix instmem race condition around ptr stores
A flaw was found in the nouveau module in the Linux kernel. In some conditions, a race condition can cause a NULL pointer dereference, resulting in a denial of service...
kernel: nouveau: fix instmem race condition around ptr stores
A flaw was found in the nouveau module in the Linux kernel. In some conditions, a race condition can cause a NULL pointer dereference, resulting in a denial of service...
Exploit for CVE-2026-23398
CVE-2026-23398 Linux Kernel icmptagvalidation NULL Poin...