76814 matches found
EUVD-2026-37804
In SignalRGB versions prior to 1.3.7.0, seven of the thirteen IOCTL handlers dereference the SystemBuffer pointer without first verifying that it is non-NULL. Sending an IOCTL with an empty input buffer causes a NULL pointer dereference, resulting in a kernel crash...
PT-2026-50770
Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.9.2 Description An issue exists in the pusb is loginctl local function where a NULL dereference crash can occur when parsing loginctl output. The function utilizes popen to read results; if the Remote field contains...
PT-2026-50708
Name of the Vulnerable Software and Affected Versions HAProxy versions prior to 3.4.0 Description A null pointer dereference occurs in the hpack dht insert function within src/hpack-tbl.c because the return value of hpack dht defrag is not validated when the memory pool is exhausted. An attacker...
Siemens SIMATIC S7-1500 TM MFP NULL Pointer Dereference (CVE-2026-28388)
Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is missing. Impact summary: A NULL pointer dereference can trigger a crash which leads to a Denial of Service for an application...
Internet Systems Consortium BIND DNSSEC DNSKEY Extended Flags denial of service vulnerability
Summary A denial of service vulnerability exists in the DNSSEC DNSKEY Extended Flags functionality of BIND versions: 9.21.21. A specially crafted mirror domain can lead to a denial of service. An attacker can serve a malicious zone to trigger this vulnerability. Confirmed Vulnerable Versions The...
Siemens RUGGEDCOM RST2428P NULL Pointer Dereference (CVE-2026-22976)
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix NULL deref when deactivating inactive aggregate in qfqreset qfqclass-leafqdisc-q.qlen 0 does not imply that the class itself is active. Two qfqclass objects may point to the same leafqdisc. This happens whe...
Siemens RUGGEDCOM RST2428P NULL Pointer Dereference (CVE-2026-24515)
In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
Siemens SIMATIC S7-1500 TM MFP NULL Pointer Dereference (CVE-2026-28389)
Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of...
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-40264)
In the Linux kernel, the following vulnerability has been resolved: be2net: pass wrbparams in case of OS2BMC beinsertvlaninpkt is called with the wrbparams argument being NULL at besendpkttobmc call site. This may lead to dereferencing a NULL pointer when processing a workaround for specific...
Siemens RUGGEDCOM RST2428P Expired Pointer Dereference (CVE-2025-49795)
A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service. This plugin only works with Tenable.ot. Please visit...
Siemens SIMATIC S7-1500 TM MFP NULL Pointer Dereference (CVE-2026-28390)
Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denia...
Oracle Linux 8 : httpd:2.4 (ELSA-2026-25090)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-25090 advisory. - Resolves: RHEL-173558 - httpd:2.4/httpd: Apache HTTP Server modproxyajp: Arbitrary code execution via heap-based buffer overflow CVE-2026-28780 - Resolves:...
CVE-2026-8050
In SignalRGB versions prior to 1.3.7.0, seven of the thirteen IOCTL handlers dereference the SystemBuffer pointer without first verifying that it is non-NULL. Sending an IOCTL with an empty input buffer causes a NULL pointer dereference, resulting in a kernel crash...
CVE-2026-8050 CVE-2026-8050
In SignalRGB versions prior to 1.3.7.0, seven of the thirteen IOCTL handlers dereference the SystemBuffer pointer without first verifying that it is non-NULL. Sending an IOCTL with an empty input buffer causes a NULL pointer dereference, resulting in a kernel crash...
CVE-2026-8050
CVE-2026-8050 affects SignalRGB prior to 1.3.7.0: seven (out of sixteen) IOCTL handlers dereference SystemBuffer without validating non-NULL, causing a NULL pointer dereference and kernel crash when an IOCTL with an empty input buffer is sent. Mitigation is SignalRGB driver update to version 1.3....
CVE-2026-1288
A maliciously crafted RFA file, when converted to FormIt via “Convert RFA to FormIt” in Autodesk Revit, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the application to crash, leading to a denial-of-service condition...
EUVD-2026-37744
A maliciously crafted RFA file, when converted to FormIt via “Convert RFA to FormIt” in Autodesk Revit, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the application to crash, leading to a denial-of-service condition...
CVE-2026-1288 RFA File Parsing Vulnerability in Autodesk Revit
A maliciously crafted RFA file, when converted to FormIt via “Convert RFA to FormIt” in Autodesk Revit, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the application to crash, leading to a denial-of-service condition...
CVE-2026-1288
The CVE-2026-1288 entry concerns Autodesk Revit. A maliciously crafted RFA file, when converted to FormIt via “Convert RFA to FormIt” in Revit, can trigger a NULL pointer dereference in the processing path. Exploitation may crash the application, resulting in a denial-of-service condition. The pr...
httpd:2.4 security update
httpd 2.4.37-65.0.1.8 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-65.8 - Resolves: RHEL-173558 - httpd:2.4/httpd: Apache HTTP Server modproxyajp: Arbitrary code execution via heap-based buffer overflow CVE-2026-28780 - Resolves: RHEL-175074 - httpd:2.4/httpd: NULL pointe...