31825 matches found
CVE-2026-15352 NASA Core Flight System (cFS) Health & Safety (HS) Application NULL Pointer Dereference
A vulnerability exists in the Health & Safety HS application of NASA's Core Flight System cFS. The flaw allows the application to crash via segmentation fault when processing a routine Housekeeping Telemetry request, leading to denial of service...
kernel: futex/requeue: Prevent NULL pointer dereference in remove_waiter() on self-deadlock
A flaw was found in the Linux kernel's futex Fast Userspace Mutex requeue mechanism. When a non-top waiter attempts to requeue a Priority Inheritance PI futex it already owns, a NULL pointer dereference can occur. This issue, specifically within the removewaiter function during a self-deadlock...
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...
CVE-2026-50673
Null pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally...
CVE-2026-50315
Null pointer dereference in Windows Image Acquisition allows an authorized attacker to elevate privileges locally...
Windows Active Directory Domain Services Denial of Service Vulnerability
Null pointer dereference in Active Directory Domain Services allows an authorized attacker to deny service over a network...
Windows Kernel Elevation of Privilege Vulnerability
Null pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally...
CVE-2026-15690 open62541 Shared Client ua_client_connect.c responseReadNamespacesArray null pointer dereference
A vulnerability was identified in open62541 up to 1.5.5. Affected by this issue is the function responseReadNamespacesArray of the file src/client/uaclientconnect.c of the component Shared Client Library. Such manipulation of the argument ServerNamespaceArray leads to null pointer dereference. Th...
kernel: net: bridge: use a stable FDB dst snapshot in RCU readers
A flaw was found in the Linux kernel. Inconsistent handling of local Forwarding Database FDB entries in the bridge networking component's RCU Read-Copy-Update readers can lead to a null-pointer dereference. A local attacker could exploit this by triggering a concurrent update to an FDB entry,...
EUVD-2026-43573
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3EXTd2iext returns NULL when an extension's DER value fails to parse. basicC, ia5string, and authatt dereference its result without a NULL check. keyiddata also dereferences akid-keyid,...
PT-2026-58348
Name of the Vulnerable Software and Affected Versions Active Directory Domain Services affected versions not specified Description A null pointer dereference—a condition where a program attempts to read a memory location that is null—exists in Active Directory Domain Services. This allows an...
CVE-2025-56363
A null pointer dereference vulnerability exists in the Matter SDK connectedhomeip before 1.4.0, affecting the ReadRevisionAttribute function used in multiple clusters Channel, Account Login, TargetNavigator, etc.. The function lacks proper validation of the delegate pointer before dereferencing. ...
DEBIAN-CVE-2026-58101
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3EXTd2iext returns NULL when an extension's DER value fails to parse. basicC, ia5string, and authatt dereference its result without a NULL check. keyiddata also dereferences akid-keyid,...
CVE-2026-58101
CVE-2026-58101 affects Crypt::OpenSSL::X509 before 2.1.3 for Perl. The issue arises when X509V3_EXT_d2i(ext) returns NULL if an extension fails to parse, yet basicC, ia5string, and auth_att dereference the result without a NULL check, and keyid_data dereferences akid->keyid even when the AKI s...
OPENSUSE-SU-2026:21332-1 Security update for patch
This update for patch fixes the following issues - CVE-2026-56288: crafted unified-diff patch file can cause null pointer derefence bsc1271167. - CVE-2026-56289: improper validation of hunk line offsets can lead to denial of service bsc1271166...
SUSE-SU-2026:2922-1 Security update for patch
This update for patch fixes the following issues - CVE-2021-45261: Invalid Pointer via anotherhunk function bsc1194037. - CVE-2026-56288: crafted unified-diff patch file can cause null pointer derefence bsc1271167. - CVE-2026-56289: improper validation of hunk line offsets can lead to denial of...
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...
PT-2026-57917
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3 EXT d2iext returns NULL when an extension's DER value fails to parse. basicC, ia5string, and auth att dereference its result without a NULL check. keyid data also dereferences...