MiracleLinux 8 : sqlite-3.26.0-16.el8 (AXSA:2022-3931:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3931:01 advisory. sqlite: Out of bounds access during table rename CVE-2020-35527 sqlite: Null pointer derreference in src/select.c CVE-2020-35525 Tenable has extract...

MiracleLinux 7 : audiofile-0.3.6-9.el7 (AXSA:2020-752:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-752:01 advisory. audiofile: Heap-based buffer overflow in Expand3To4Module::run when running sfconvert CVE-2018-17095 audiofile: NULL pointer dereference in...

MiracleLinux 8 : poppler-20.11.0-11.el8 (AXSA:2024-8323:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8323:02 advisory. poppler: NULL pointer dereference in FoFiType1C::convertToType1 CVE-2020-36024 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : qemu-kvm-7.0.0-13.el9 (AXSA:2023-4972:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4972:01 advisory. QEMU: hcd-ehci: DMA reentrancy issue leads to use-after-free CVE-2021-3750 QEMU: fdc: heap buffer overflow in DMA read data transfers CVE-2021-3507...

CVE-2025-57156

NULL pointer dereference in the dacpreplyplayqueueeditclear function in src/httpddacp.c in owntone-server through commit 6d604a1 newer commit after version 28.12 allows remote attackers to cause a Denial of Service crash...

PT-2026-3653

Name of the Vulnerable Software and Affected Versions owntone-server versions prior to the commit after version 28.2 Description A flaw exists in owntone-server due to a NULL pointer dereference within the daap reply groups function, located in src/httpd daap.c. This issue, present through commit...

CVE-2025-57156

Summary (CVE-2025-57156) : A NULL pointer dereference in the owntone-server component, specifically in the dacp_reply_playqueueedit_clear function in src/httpd_dacp.c, can be triggered by a remote attacker through commits up to 6d604a1 (post-version 28.12). This vulnerability allows remote Denial...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-53589)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-44013)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following...

MiracleLinux 9 : httpd-2.4.57-11.el9_4 (AXSA:2024-8602:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8602:02 advisory. httpd: Improper escaping of output in modrewrite CVE-2024-38475 httpd: Substitution encoding issue in modrewrite CVE-2024-38474 httpd: null pointer...

MiracleLinux 8 : evolution-data-server-3.28.5-15.el8, evolution-ews-3.28.5-10.el8, evolution-3.28.5-16.el8 (AXSA:2021-2137:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2137:01 advisory. evolution-data-server: NULL pointer dereference related to imapxfreecapability and imapxconnecttoserver CVE-2020-16117 Tenable has extracted the preceding...

MiracleLinux 8 : httpd:2.4 (AXSA:2021-2774:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2774:01 advisory. httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 httpd: Unexpected URL matching with 'MergeSlashes OFF'...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-53596)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

MiracleLinux 7 : openldap-2.4.44-23.el7 (AXSA:2021-1719:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1719:02 advisory. openldap: NULL pointer dereference for unauthenticated packet in slapd CVE-2020-25692 Tenable has extracted the preceding description block directly from the...

CVE-2025-57156

NULL pointer dereference in the dacpreplyplayqueueeditclear function in src/httpddacp.c in owntone-server through commit 6d604a1 newer commit after version 28.12 allows remote attackers to cause a Denial of Service crash...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-53414)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

MiracleLinux 9 : kernel-5.14.0-427.13.1.el9_4 (AXSA:2024-8139:13)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8139:13 advisory. kernel: GSM multiplexing race condition leads to privilege escalation CVE-2023-6546 kernel: multiple use-after-free vulnerabilities CVE-2024-1086,...

MiracleLinux 8 : mod_auth_openidc:2.3 (AXSA:2023-7316:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7316:01 advisory. modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character CVE-2022-23527 modauthopenidc: NULL pointer dereference when...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-52430)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

MiracleLinux 7 : binutils-2.27-41.base.el7 (AXSA:2019-4165:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4165:01 advisory. binutils: integer overflow leads to heap-based buffer overflow in objdump CVE-2018-1000876 binutils: Stack Exhaustion in the demangling functions...