SUSE CVE-2026-7259

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to a NULL pointer dereference, resulting in a segmentation fault and denial of service. The vulnerability is exploitable when...

SUSE CVE-2026-7262

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...

SUSE CVE-2026-43300

In the Linux kernel, the following vulnerability has been resolved: drm/panel: Fix a possible null-pointer dereference in jdipaneldsiremove In jdipaneldsiremove, jdi is explicitly checked, indicating that it may be NULL: if !jdi mipidsidetachdsi; However, when jdi is NULL, the function does not...

SUSE CVE-2026-43333

In the Linux kernel, the following vulnerability has been resolved: bpf: reject direct access to nullable PTRTOBUF pointers checkmemaccess matches PTRTOBUF via basetype which strips PTRMAYBENULL, allowing direct dereference without a null check. Map iterator ctx-key and ctx-value are PTRTOBUF |...

SUSE CVE-2026-43335

In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sm8450: Fix NULL pointer dereference in icclinknodes The change to dynamic IDs for SM8450 platform interconnects left two links unconverted, fix it to avoid the NULL pointer dereference in runtime, when a...

SUSE CVE-2026-43471

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix possible NULL pointer dereference in ufshcdaddcommandtrace The kernel log indicates a crash in ufshcdaddcommandtrace, due to a NULL pointer dereference when accessing hwq-id. This can happen if...

SUSE CVE-2026-43473

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Add NULL checks when resetting request and reply queues The driver encountered a crash during resource cleanup when the reply and request queues were NULL due to freed memory. This issue occurred when the creation o...

CVE-2026-43356

A flaw was found in the Linux kernel's Industrial I/O IIO subsystem, specifically within the Analog Devices ADIS Inertial Measurement Unit IMU drivers adis16480, adis16490, adis16545. When these drivers are initialized, a NULL pointer dereference occurs in the adisinit function because the adis-o...

EUVD-2026-29006

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function smfnsmfhandlecreatedatainhsmf of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized...

CVE-2026-8252

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function smfnsmfhandlecreatedatainhsmf of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: numpy (UTSA-2026-017404)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017404 advisory. Null Pointer Dereference vulnerability exists in numpy.sort in NumPy and 1.19 in the PyArrayDescrNew function due to missing return-value validation, which allows...

Unity Linux 20.1060e / 20.1070e Security Update: samba (UTSA-2026-017434)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017434 advisory. A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ Ticket Granting Server - Request. An authenticated user could...

Unity Linux 20.1060e / 20.1070e Security Update: krb5 (UTSA-2026-017424)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017424 advisory. The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/dotgsreq.c via a FAST inner...

Unity Linux 20.1060e / 20.1070e Security Update: samba (UTSA-2026-017521)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017521 advisory. A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to...

openSUSE 16 Security Update : tor (openSUSE-SU-2026:20709-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20709-1 advisory. Changes in tor: - Update to 0.4.9.8 Fix out-of-bounds read boo1264341, CVE-2026-44597, TROVE-2026-011 Do not attempt or accept BEGINDIR via...

Unity Linux 20.1070e Security Update: ImageMagick (UTSA-2026-017465)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017465 advisory. A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage in coders/svg.c. This issue is due to not checking the return...

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple tvOS is an operating system for smart TVs. Apple macOS is a specialized operating system developed for Mac computers. Several Apple products have security...

PT-2026-39821

Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.5 iPadOS versions prior to 26.5 macOS Tahoe versions prior to 26.5 tvOS versions prior to 26.5 Description A null pointer dereference—a condition where a program attempts to read or write to a memory location that is...

Unity Linux 20.1060e / 20.1070e Security Update: transfig (UTSA-2026-017536)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017536 advisory. An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function computeclosedspline located in transspline.c. It allows an attack...

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from a null pointer dereferencing in the smfnsmfhandlecreatedatainhsm...