CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added yesterday•6 views

CVE-2025-55639

6.5CVSS

CVE•added yesterday•6 views

CVE-2025-55639

GPAC MP4Box v2.4 contains a NULL pointer dereference in gf_isom_add_track_kind() (isomedia/isom_write.c), enabling a Denial of Service via a crafted MP4 file. A PoC exists in public references; exploitation status is shown as available in the metrics. No patch/version mitigation is specified in t...

6.5CVSS5.9AI score

Cvelist•added yesterday•8 views

CVE-2025-55639

NVD•added 2 days ago•8 views

CVE-2026-56109

The Advanced Linux Sound Architecture ALSA library before 1.2.16.1 contains a double-free vulnerability in parsedef in src/conf.c that allows attackers to corrupt memory by supplying maliciously crafted ALSA configuration text. When parsing nested compound or array configuration blocks, parsedef...

7CVSS0.00138EPSS

EUVD•added 2 days ago•6 views

EUVD-2026-38301

7CVSS5.9AI score0.00138EPSS

RedHat Linux•added 2 days ago•5 views

httpd: mod_authn_socache: NULL pointer dereference can cause a child process crash

A flaw was found in the modauthnsocache module of httpd. This vulnerability allows an unauthenticated remote user to crash a child process due to a NULL pointer dereference when the server is operating in a caching forward proxy configuration...

5.3CVSS5.9AI score0.00514EPSS

RedHat Linux•added 2 days ago•5 views

httpd: NULL pointer dereference via specially crafted request

A flaw was found in the moddavlock module of httpd. This vulnerability allows a remote unauthenticated attacker to crash the server due to a NULL pointer dereference via a specially crafted request...

7.5CVSS5.9AI score0.00594EPSS

RedHat Linux•added 2 days ago•3 views

httpd: mod_authn_socache: NULL pointer dereference can cause a child process crash

5.3CVSS5.9AI score0.00514EPSS

RedHat Linux•added 2 days ago•3 views

httpd: NULL pointer dereference via specially crafted request

7.5CVSS5.9AI score0.00594EPSS

RedhatCVE•added 2 days ago•6 views

CVE-2025-70102

A flaw was found in dhcpcd. A specially crafted configuration input may cause the parseoption function to dereference a NULL pointer while processing malformed option data. This issue may result in application termination and a denial of service condition. Mitigation Red Hat is not aware of a...

6.3CVSS5.7AI score0.00169EPSS

Tenable Nessus•added 2 days ago•5 views

Autodesk Revit 2024 < 2024.3.5 / 2025 < 2025.4.5 / 2026 < 2026.4.1 / 2027 < 2027.1 DoS (adsk-sa-2026-0007)

The version of Autodesk Revit installed on the remote host is 2024 prior to 2024.3.5, 2025 prior to 2025.4.5, 2026 prior to 2026.4.1, or 2027 prior to 2027.1. It is, therefore, affected by a denial of service vulnerability: - A maliciously crafted RFA file, when converted to FormIt via 'Convert R...

5.5CVSS5.9AI score0.00107EPSS

Tenable Nessus•added 3 days ago•6 views

Linux Distros Unpatched Vulnerability : CVE-2025-70102

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference occurs in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 while parsing configuration options. In parseoption src/if-options.c:1886, t...

6.3CVSS6AI score0.00169EPSS

Tenable Nessus•added 4 days ago•3 views

SUSE SLES15 Security Update : ffmpeg-4 (SUSE-SU-2026:2444-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2444-1 advisory. This update for ffmpeg-4 fixes the following issues Update to version 4.4.7: - CVE-2023-6601: HLS Unsafe File Extension Bypass...

9.8CVSS7.1AI score0.00701EPSS

Exploits3References31

Tenable Nessus•added 4 days ago•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-55204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HAProxy through 3.4.0, fixed in commit 9a6d1fe, contains a null pointer dereference vulnerability in hpackdhtinsert within src/hpack-tbl.c that fails to validat...

8.7CVSS5.9AI score0.00385EPSS

Exploits0References3

NVD•added 5 days ago•9 views

CVE-2026-56209

An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows an attacker to inject an arbitrary pointer into the cyclic refresh map field via crafted image pixel value...

7.1CVSS0.00266EPSS

OSV•added 5 days ago•6 views

GHSA-9CV2-CFXC-V4V2 Nokogiri: Null Pointer Dereference calling methods on uninitialized wrapper classes

Summary Nokogiri contains a bug when calling certain methods on allocated-but-uninitialized native wrapper classes that inherit from Nokogiri::XML::Node. This caused a NULL pointer dereference that could crash the process. Nokogiri 1.19.4 checks for missing native data pointers and raises a...

6.3CVSS6AI score

RedhatCVE•added 5 days ago•10 views

CVE-2026-56209

7.1CVSS6AI score0.00266EPSS

NVD•added 5 days ago•7 views

CVE-2026-48137

There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution. Successful exploitation requires an attacker to supply a specially...

9.3CVSS0.00497EPSS

NVD•added 5 days ago•6 views

CVE-2026-48139

There is a NULL pointer dereference vulnerability in NI grpc-device in the data moniker service that may allow an attacker to cause a denial of service by triggering a crash. Successful exploitation requires an attacker to provide an unknown value to the data moniker service. This affects NI...

8.7CVSS0.00343EPSS