
76366 matches found

AlpineLinux
added 2026/06/10 10:5 p.m. | 6 views

CVE-2026-53463

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when passing incorrect arguments in the distort operation, a null pointer dereference will occur. This issue has been patched in versions 6.9.13-50 and 7.1.2-25...

CVSS: 4.3 | AI score: 5.3 | EPSS: 0.00187
Exploits: 0 | References: 1

Debian CVE
added 2026/06/10 10:5 p.m. | 8 views

CVE-2026-53463

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when passing incorrect arguments in the distort operation, a null pointer dereference will occur. This issue has been patched in versions 6.9.13-50 and 7.1.2-25...

CVSS: 4.3 | AI score: 5.3 | EPSS: 0.00187
Exploits: 0

RedhatCVE
added 2026/06/10 9:2 p.m. | 8 views

CVE-2026-42903

Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network...

CVSS: 6.5 | AI score: 5.4 | EPSS: 0.00727
Exploits: 0 | References: 1

RedhatCVE
added 2026/06/10 9:2 p.m. | 9 views

CVE-2026-34703

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this...

CVSS: 5.5 | AI score: 5.5 | EPSS: 0.0013
Exploits: 0 | References: 1

RedhatCVE
added 2026/06/10 9:2 p.m. | 9 views

CVE-2026-34704

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this...

CVSS: 5.5 | AI score: 5.5 | EPSS: 0.0013
Exploits: 0 | References: 1

Vulnrichment
added 2026/06/10 8:0 p.m. | 6 views

CVE-2026-45380 bit7z: Path Traversal via Null Byte Injection from `gcount()` Off-by-One in `restoreSymlink()`

bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, a one-byte off-by-one error in SafeOutPathBuilder::restoreSymlink allows an attacker to craft a .7z archive that, when extracted with bit7z on any non-Windows platform,...

CVSS: 3.6 | AI score: 5.5 | EPSS: 0.00116
Exploits: 0 | References: 2

Cvelist
added 2026/06/10 8:0 p.m. | 27 views

CVE-2026-45380 bit7z: Path Traversal via Null Byte Injection from `gcount()` Off-by-One in `restoreSymlink()`

bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, a one-byte off-by-one error in SafeOutPathBuilder::restoreSymlink allows an attacker to craft a .7z archive that, when extracted with bit7z on any non-Windows platform,...

CVSS: 3.6 | EPSS: 0.00116
Exploits: 0 | References: 2

CVE
added 2026/06/10 8:0 p.m. | 11 views

CVE-2026-45380

The CVE-2026-45380 issue affects bit7z (a cross-platform C++ static library for archive handling). A one-byte off-by-one bug in SafeOutPathBuilder::restoreSymlink() (prior to 4.0.12) enables crafting a .7z archive that, when extracted on non-Windows, creates a symlink escaping the extraction dire...

CVSS: 3.6 | AI score: 5.5 | EPSS: 0.00116
Exploits: 0 | References: 2

NVD
added 2026/06/10 2:16 p.m. | 9 views

CVE-2026-52754

Ghidra before 12.1 contains an authentication bypass vulnerability in PKIAuthenticationModule.authenticate that allows any user with a valid CA-signed certificate to impersonate other users by presenting their public certificate with a null signature. Attackers can escalate privileges, modify...

CVSS: 8.8 | EPSS: 0.00252
Exploits: 0 | References: 4

RedhatCVE
added 2026/06/10 1:34 p.m. | 7 views

CVE-2026-42767

A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol (CMP) server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format (CRMF) CertRepMessage with a specific malformed EncryptedValue...

CVSS: 5.9 | AI score: 5.4 | EPSS: 0.00349
Exploits: 0 | References: 3

RedhatCVE
added 2026/06/10 1:26 p.m. | 8 views

CVE-2026-42766

A flaw was found in OpenSSL. A remote attacker could exploit a NULL pointer dereference vulnerability in the Cryptographic Message Syntax (CMS) decryption process by providing a specially crafted password-encrypted CMS message. This occurs because the keyDerivationAlgorithm field, which is optional...

CVSS: 5.9 | AI score: 5.1 | EPSS: 0.00596
Exploits: 0 | References: 3

EUVD
added 2026/06/10 12:40 p.m. | 8 views

EUVD-2026-36013

Ghidra before 12.1 contains an authentication bypass vulnerability in PKIAuthenticationModule.authenticate that allows any user with a valid CA-signed certificate to impersonate other users by presenting their public certificate with a null signature. Attackers can escalate privileges, modify...

CVSS: 8.8 | AI score: 5.5 | EPSS: 0.00252
Exploits: 0 | References: 4

Cvelist
added 2026/06/10 12:40 p.m. | 33 views

CVE-2026-52754 Ghidra < 12.1 - Authentication Bypass via Null Signature in PKIAuthenticationModule

Ghidra before 12.1 contains an authentication bypass vulnerability in PKIAuthenticationModule.authenticate that allows any user with a valid CA-signed certificate to impersonate other users by presenting their public certificate with a null signature. Attackers can escalate privileges, modify...

CVSS: 8.8 | EPSS: 0.00252
Exploits: 0 | References: 4

Vulnrichment
added 2026/06/10 12:40 p.m. | 6 views

CVE-2026-52754 Ghidra < 12.1 - Authentication Bypass via Null Signature in PKIAuthenticationModule

Ghidra before 12.1 contains an authentication bypass vulnerability in PKIAuthenticationModule.authenticate that allows any user with a valid CA-signed certificate to impersonate other users by presenting their public certificate with a null signature. Attackers can escalate privileges, modify...

CVSS: 8.8 | AI score: 5.5 | EPSS: 0.00252
Exploits: 0 | References: 4

CVE
added 2026/06/10 12:40 p.m. | 38 views

CVE-2026-52754

Ghidra prior to 12.1 is affected by an authentication bypass in PKIAuthenticationModule.authenticate(). An attacker presenting a valid CA-signed certificate with a null signature can impersonate other users, enabling privilege escalation. Documented impacts include modifying repository access con...

CVSS: 8.8 | AI score: 5.5 | EPSS: 0.00252
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2026/06/10 5:7 a.m. | 6 views

MGASA-2026-0191 Updated libxmp packages fix security vulnerabilities

CVE-2023-45679: Attempt to free an uninitialized memory pointer in vorbisdeinit
CVE-2023-45680: Null pointer dereference in vorbisdeinit
CVE-2023-45681: Out of bounds heap buffer write
CVE-2023-45676: Multi-byte write heap buffer overflow in startdecoder
CVE-2023-45677: Heap buffer out of bounds...

CVSS: 7.8 | AI score: 5.9 | EPSS: 0.0056
Exploits: 1 | References: 4

NVD
added 2026/06/10 4:17 a.m. | 12 views

CVE-2026-22899

A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5...

CVSS: 6.5 | EPSS: 0.0028
Exploits: 0 | References: 1

NVD
added 2026/06/10 4:17 a.m. | 12 views

CVE-2026-24716

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the...

CVSS: 7.2 | EPSS: 0.00331
Exploits: 0 | References: 1

NVD
added 2026/06/10 4:17 a.m. | 14 views

CVE-2025-66281

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.9.3410 build...

CVSS: 7.2 | EPSS: 0.00334
Exploits: 0 | References: 1

NVD
added 2026/06/10 4:17 a.m. | 11 views

CVE-2025-62850

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the...

CVSS: 7.2 | EPSS: 0.00331
Exploits: 0 | References: 1