Lucene search
K

80861 matches found

EUVD
EUVD
added 11 hours ago4 views

EUVD-2026-43573

Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3EXTd2iext returns NULL when an extension's DER value fails to parse. basicC, ia5string, and authatt dereference its result without a NULL check. keyiddata also dereferences akid-keyid,...

6.1AI score
Exploits0References3
CVE
CVE
added yesterday10 views

CVE-2026-58101

CVE-2026-58101 affectsCrypt::OpenSSL::X509 on Perl up to version 2.1.3. The issue arises when parsing X509 extensions: X509V3_EXT_d2i(ext) may return NULL; subsequent dereferences of the result in basicC, ia5string, auth_att, and keyid_data occur without a NULL check. If an affected helper is inv...

6.1AI score
Exploits0References2
RedHat Linux
RedHat Linux
added yesterday2 views

openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...

7.5CVSS6AI score0.00805EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added yesterday8 views

kernel: futex/requeue: Prevent NULL pointer dereference in remove_waiter() on self-deadlock

A flaw was found in the Linux kernel's futex Fast Userspace Mutex requeue mechanism. When a non-top waiter attempts to requeue a Priority Inheritance PI futex it already owns, a NULL pointer dereference can occur. This issue, specifically within the removewaiter function during a self-deadlock...

6AI score0.00126EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added yesterday8 views

openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...

7.5CVSS6.9AI score0.00805EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added yesterday7 views

openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...

7.5CVSS6.9AI score0.00805EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added yesterday7 views

Moderate: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerabilit...

7.5CVSS6.9AI score0.00805EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added yesterday4 views

openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...

7.5CVSS6.9AI score0.00805EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added yesterday9 views

Moderate: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS6.9AI score0.00805EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-57917

Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3 EXT d2iext returns NULL when an extension's DER value fails to parse. basicC, ia5string, and auth att dereference its result without a NULL check. keyid data also dereferences...

6.1AI score
Exploits0References4
NVD
NVD
added 2 days ago16 views

CVE-2026-58596

Untrusted pointer dereference in Microsoft Edge Chromium-based allows an unauthorized attacker to elevate privileges over a network...

8.3CVSS0.00461EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago11 views

EUVD-2026-43239

Untrusted pointer dereference in Microsoft Edge Chromium-based allows an unauthorized attacker to elevate privileges over a network...

8.3CVSS6.1AI score0.00461EPSS
Exploits0References1
NVD
NVD
added 4 days ago8 views

CVE-2026-55783

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's seven in-house IInArchive handlers in NanaZip.Codecs unconditionally dereference the caller-supplied Indices array inside Extract when the archive engine signals extract everything by passin...

2.4CVSS0.00112EPSS
Exploits0References3
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42955

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's seven in-house IInArchive handlers in NanaZip.Codecs unconditionally dereference the caller-supplied Indices array inside Extract when the archive engine signals extract everything by passin...

2.4CVSS6.1AI score0.00112EPSS
Exploits0References3
CVE
CVE
added 4 days ago7 views

CVE-2026-55783

NanaZip (a 7‑Zip derivative) is affected prior to version 6.5.1749.0. The in‑house IInArchive handlers in NanaZip.Codecs dereference the caller‑supplied Indices array during Extract when Indices is NULL and NumItems is 0xFFFFFFFF, in the code path for a full archive extraction (Test or Extract al...

2.4CVSS6.1AI score0.00112EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-55783 NanaZip: NULL pointer dereference in Extract() of all seven NanaZip custom archive handlers when extracting/testing the whole archive

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's seven in-house IInArchive handlers in NanaZip.Codecs unconditionally dereference the caller-supplied Indices array inside Extract when the archive engine signals extract everything by passin...

2.4CVSS0.00112EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 4 days ago10 views

kernel: futex/requeue: Prevent NULL pointer dereference in remove_waiter() on self-deadlock

A flaw was found in the Linux kernel's futex Fast Userspace Mutex requeue mechanism. When a non-top waiter attempts to requeue a Priority Inheritance PI futex it already owns, a NULL pointer dereference can occur. This issue, specifically within the removewaiter function during a self-deadlock...

6AI score0.00126EPSS
Exploits0References6
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-14461 Out-of-bound read in mtr

mtr is vulnerable to Out-of-bound read vulnerability in ipinfolookup function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME...

5.1CVSS0.00303EPSS
Exploits0References2
CVE
CVE
added 4 days ago8 views

CVE-2026-14461

The CVE-2026-14461 entry affects mtr up to version 0.96, where ipinfo_lookup() performs DNS AS lookups and can be triggered by a TXT response larger than 512 bytes with a crafted compression pointer, causing an out-of-bounds read. The function uses the response length as the end-of-message bounda...

5.1CVSS6.1AI score0.00303EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 4 days ago8 views

CVE-2026-44512

A flaw was found in Open Neural Network Exchange ONNX, an open standard for machine learning interoperability. This vulnerability allows a remote attacker to cause an unrecoverable denial of service DoS by providing a specially crafted untrusted model. The flaw occurs when the...

6.5CVSS6.1AI score0.0017EPSS
Exploits1References7
Rows per page
Query Builder