Adobe Substance3D Painter 代码问题漏洞

Adobe Substance3D Painter is a 3D scene-building software developed by Adobe, a company based in America. Versions of Adobe Substance3D Painter 11.1.2 and earlier contained a code vulnerability caused by a null pointer dereferencing, which could lead to a denial-of-service attack...

PT-2026-24357

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.5 Description iccDEV is a set of libraries and tools for working with ICC color management profiles. A null pointer dereference exists in the CIccTagXmlStruct::ParseTag function, which can lead to a segmentation...

PT-2026-24372

Name of the Vulnerable Software and Affected Versions Substance3D - Painter versions 11.1.2 and earlier Description The software is susceptible to a NULL Pointer Dereference issue that may result in a denial-of-service condition. Successful exploitation of this issue requires a user to open a...

PT-2026-24246

A NULL Pointer Dereference vulnerability CWE-476 vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow an authenticated attacker to crash the HTTP daemon via crafted HTTP...

SUSE-SU-2026:0853-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2026-24481: Possible Heap Information Disclosure in PSD ZIP Decompression bsc1258743. - CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion bsc1258790. - CVE-2026-24485: denial of service via...

SUSE-SU-2026:0852-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2026-24481: Possible Heap Information Disclosure in PSD ZIP Decompression bsc1258743. - CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion bsc1258790. - CVE-2026-24485: denial of service via...

EUVD-2025-208406

In some cases, the tcp-setmss handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference. Maliciously crafted packets sent from a remote host ma...

CVE-2025-14769 ipfw denial of service

In some cases, the tcp-setmss handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference. Maliciously crafted packets sent from a remote host ma...

FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. FreeBSD has security vulnerabilities; these vulnerabilities arise from the tcpsetmss process, which may release data packets and cause errors without stopping the rule processing engine. This can lead to null pointer...

Qnap QTS and QuTS NULL Pointer Dereference (CVE-2025-47205)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

CVE-2026-3665 xlnt-community xlnt XLSX File xlsx_consumer.cpp read_office_document null pointer dereference

A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsxconsumer::readofficedocument of the file source/detail/serialization/xlsxconsumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. Th...

AZL-79595 CVE-2025-69649 affecting package binutils 2.37-20

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

AZL-79571 CVE-2025-69649 affecting package binutils 2.41-10

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

CLSA-2026-1772793148 Fix CVE(s): CVE-2026-25795

SECURITY UPDATE: null pointer dereference and crash in image reading - debian/patches/CVE-2026-25795.patch: Fix NULL pointer dereference; move DestroyImageInfo call after filename copy; cause: DestroyImageInfo was called before filename copy, freeing readinfo used to access filename. -...

Amazon Linux 2 : aide, --advisory ALAS2-2026-3186 (ALAS-2026-3186)

The version of aide installed on the remote host is prior to 0.16.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3186 advisory. AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability ...

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

Amazon Linux 2023 : aide (ALAS2023-2026-1462)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1462 advisory. AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or...

PT-2026-23739

Name of the Vulnerable Software and Affected Versions GNU Binutils versions through 2.46 Description The software contains a flaw where a null pointer dereference can occur when processing a specially crafted ELF binary with incorrectly formatted header fields. This happens during relocation...

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...