EUVD-2025-208406

In some cases, the tcp-setmss handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference. Maliciously crafted packets sent from a remote host ma...

CVE-2025-14769 ipfw denial of service

In some cases, the tcp-setmss handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference. Maliciously crafted packets sent from a remote host ma...

FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. FreeBSD has security vulnerabilities; these vulnerabilities arise from the tcpsetmss process, which may release data packets and cause errors without stopping the rule processing engine. This can lead to null pointer...

Qnap QTS and QuTS NULL Pointer Dereference (CVE-2025-47205)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

CVE-2026-3665 xlnt-community xlnt XLSX File xlsx_consumer.cpp read_office_document null pointer dereference

A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsxconsumer::readofficedocument of the file source/detail/serialization/xlsxconsumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. Th...

AZL-79595 CVE-2025-69649 affecting package binutils 2.37-20

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

AZL-79571 CVE-2025-69649 affecting package binutils 2.41-10

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

CLSA-2026-1772793148 Fix CVE(s): CVE-2026-25795

SECURITY UPDATE: null pointer dereference and crash in image reading - debian/patches/CVE-2026-25795.patch: Fix NULL pointer dereference; move DestroyImageInfo call after filename copy; cause: DestroyImageInfo was called before filename copy, freeing readinfo used to access filename. -...

Amazon Linux 2 : aide, --advisory ALAS2-2026-3186 (ALAS-2026-3186)

The version of aide installed on the remote host is prior to 0.16.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3186 advisory. AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability ...

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

Amazon Linux 2023 : aide (ALAS2023-2026-1462)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1462 advisory. AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or...

PT-2026-23739

Name of the Vulnerable Software and Affected Versions GNU Binutils versions through 2.46 Description The software contains a flaw where a null pointer dereference can occur when processing a specially crafted ELF binary with incorrectly formatted header fields. This happens during relocation...

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

Moxa VPort Cameras NULL Pointer Dereference (CVE-2021-25845)

Improper validation of the ChassisID TLV in userdisk/vportlldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows attackers to cause a denial of service due to a NULL pointer dereference via a crafted lldp packet. This plugin only works with Tenable.ot. Please visit...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the handling of Protobuf messages within multiple server handlers due to missing nil-pointer validation after unmarshalling. An attacker can cause the server process to terminate unexpectedly by sending a...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005800)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005800 advisory. In the Linux kernel, the following vulnerability has been resolved: media: az6007: Fix null-ptr-deref in az6007i2cxfer In az6007i2cxfer, msg is controlled by user...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005651)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005651 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: avoid possible NULL skb pointer dereference In 'mwifiexhandleuaprxforward', always...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005718)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005718 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: lpddr2nvm: Fix possible null-ptr-deref It will cause null-ptr-deref when resourcesizeaddrang...