31465 matches found
CLSA-2026-1775688216 augeas: Fix of CVE-2025-2588
CVE-2025-2588: fix null pointer dereference in recaseexpand...
Security Bulletin: EDB PGAI Databases is affected by Multiple Vulnerabilities.
Summary Multiple Vulnerabilities found in EDB PGAI Databases 18.0. It has been addressed in 18.2. Hence, IBM strongly recommends upgrading to 18.2. Vulnerability Details CVEID:CVE-2024-25260 DESCRIPTION: elfutils v0.189 was discovered to contain a NULL pointer dereference via the handleverdef...
CVE-2026-28390
A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...
freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()
A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006632)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006632 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix null-ptr-deref in ibcorecleanup KASAN reported a null-ptr-deref error: KASAN:...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006572)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006572 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in sndac97mixer smatch error:...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006689)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006689 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix vgpu debugfs clean in remove Check carefully on root debugfs available when...
SUSE CVE-2026-28388
Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is missing. Impact summary: A NULL pointer dereference can trigger a crash which leads to a Denial of Service for an application...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the CMSdecrypt function. An attacker can cause a crash by submitting a specially crafted CMS EnvelopedData message with a missing optional parameters field in the KeyEncryptionAlgorithmIdentifier, leading to ...
DEBIAN-CVE-2026-28390
Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denia...
CVE-2026-28389
Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of...
ALPINE-CVE-2026-28388
Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is missing. Impact summary: A NULL pointer dereference can trigger a crash which leads to a Denial of Service for an application...
CVE-2026-28389
Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of...
CVE-2026-28389
CVE-2026-28389 describes a NULL pointer dereference in OpenSSL when processing CMS EnvelopedData with KeyAgreeRecipientInfo. If the optional parameters field of KeyEncryptionAlgorithmIdentifier is missing, a NULL dereference can occur, potentially causing DoS via crash during CMS_decrypt() on unt...
CVE-2026-28388
Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is missing. Impact summary: A NULL pointer dereference can trigger a crash which leads to a Denial of Service for an application...
CVE-2026-28388
CVE-2026-28388 describes a NULL pointer dereference in OpenSSL delta-CRL processing when the CRL Number extension is missing. Exploitation requires enabling X509_V_FLAG_USE_DELTAS and the presence of a freshestCRL or EXFLAG_FRESHEST; processing a malformed delta CRL can crash an application, caus...
SUSE-SU-2026:21062-1 Security update for expat
This update for expat fixes the following issues: - CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259726. - CVE-2026-32777: denial of service due to infinite loop in DTD content parsing bsc1259711. - CVE-2026-3277...
NULL Pointer Dereference
Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to NULL Pointer Dereference in the clipboard.readImage function when processing malformed clipboard image data...
CVE-2026-5745
A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...
Important: Red Hat Security Advisory: freerdp security update
An update for freerdp is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...