34303 matches found
CVE-2025-53598
CVE-2025-53598 describes a NULL pointer dereference affecting Qsync Central. A remote attacker who has a user account can trigger a DoS condition. Affected software: Qsync Central prior to 5.0.0.4. The vendor fixed the vulnerability in Qsync Central 5.0.0.4 and later (released 2026-01-20). The av...
CVE-2025-54146
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...
CVE-2025-54146 Qsync Central
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...
CVE-2025-54146
CVE-2025-54146 affects Qsync Central. A NULL pointer dereference allows a remote attacker who has a user account to trigger a denial-of-service (DoS). The issue is mitigated by upgrading to Qsync Central 5.0.0.4 (released 2026-01-20) or later. According to the provided metrics, this CVE has a CVS...
CVE-2025-54147 Qsync Central
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...
CVE-2025-54147
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...
CVE-2025-54147 Qsync Central
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...
CVE-2025-54147
CVE-2025-54147 affects Qsync Central via a NULL pointer dereference that can be triggered remotely after an attacker gains a user account, enabling a DoS. Impact: availability loss with no confidentiality/integrity impact per the published metrics. Remediation: fixed in Qsync Central 5.0.0.4 (202...
CVE-2025-54148 Qsync Central
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...
CVE-2025-54163 File Station 5
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Statio...
CVE-2025-58472 Qsync Central
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Centra...
CVE-2025-58472
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Centra...
CVE-2025-58472
CVE-2025-58472 is a NULL pointer dereference in Qsync Central. A remote attacker with administrator privileges can trigger a DoS. Affected product: Qsync Central; vulnerable component: not explicitly broken out beyond the OS software. Root cause: NULL pointer dereference (as described in multiple...
CVE-2025-59386
CVE-2025-59386 is a NULL pointer dereference in several QNAP OS versions. An attacker with an administrator account can trigger a DoS remotely. Fixed in QuTS hero h5.3.2.3354 build 20251225 and later. CVSS 4.0 (base 5.1, MEDIUM); Attack Vector: NETWORK; Privileges Required: HIGH; User Interaction...
CVE-2025-59386 QuTS hero
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-66274 QTS, QuTS hero
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-66274 QTS, QuTS hero
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-66274
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state
A NULL pointer dereference vulnerability was found in the Intel i915 graphics driver in the Linux kernel. The intelatomicgetnewcrtcstate function can return NULL if the CRTC state was not previously obtained via intelatomicgetcrtcstate, but the return value was not checked before use. This leads ...
CLSA-2026-1770804474 Fix CVE(s): CVE-2025-69418, CVE-2025-69421, CVE-2026-22796
SECURITY UPDATE: The trailing 1-15 bytes of a message may be exposed incleartext on encryption and are not covered by the authentication tag,allowing an attacker to read or tamper with those bytes without detection - debian/patches/CVE-2025-69418.patch: fix OCB AES-NI/HW stream path...