CVE-2025-63648

A NULL pointer dereference in the dacpreplyplayqueueeditmove function src/httpddacp.c of owntone-server commit b7e385f allows attackers to cause a Denial of Service DoS via sending a crafted DACP request to the server...

ROS-20260121-73-0053

A vulnerability in the int3402thermal.c component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Linux Kernel Security Vulnerabilities

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which can trigger a null pointer derefrence exception when disabling inactive aggregation in qfqreset, potentially...

ROS-20260121-73-0006

A vulnerability in the drivers/net/can/ctucanfd component of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260121-73-0046

A vulnerability in the calipso.c component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-63647

A NULL pointer dereference in the parsemeta function src/httpddaap.c of owntone-server commit 334beb allows attackers to cause a Denial of Service DoS via sending a crafted DAAP request to the server...

CVE-2025-63647

A NULL pointer dereference in the parsemeta function src/httpddaap.c of owntone-server commit 334beb allows attackers to cause a Denial of Service DoS via sending a crafted DAAP request to the server...

CVE-2025-57156

NULL pointer dereference in the dacpreplyplayqueueeditclear function in src/httpddacp.c in owntone-server through commit 6d604a1 newer commit after version 28.12 allows remote attackers to cause a Denial of Service crash...

CVE-2025-57155

Summary: CVE-2025-57155 affects owntone-server due to a NULL pointer dereference in the daap_reply_groups function (src/httpd_daap.c) triggered by a commit 5e6f19a, after version 28.2. This flaw allows remote attackers to cause a Denial of Service. What’s affected: owntone-server builds prior to ...

CVE-2025-57156

NULL pointer dereference in the dacpreplyplayqueueeditclear function in src/httpddacp.c in owntone-server through commit 6d604a1 newer commit after version 28.12 allows remote attackers to cause a Denial of Service crash...

CVE-2025-57155

NULL pointer dereference in the daapreplygroups function in src/httpddaap.c in owntone-server through commit 5e6f19a newer commit after version 28.2 allows remote attackers to cause a Denial of Service...

PT-2026-3653

Name of the Vulnerable Software and Affected Versions owntone-server versions prior to the commit after version 28.2 Description A flaw exists in owntone-server due to a NULL pointer dereference within the daap reply groups function, located in src/httpd daap.c. This issue, present through commit...

CVE-2025-57156

NULL pointer dereference in the dacpreplyplayqueueeditclear function in src/httpddacp.c in owntone-server through commit 6d604a1 newer commit after version 28.12 allows remote attackers to cause a Denial of Service crash...

PT-2026-3655

A NULL pointer dereference in the parse meta function src/httpd daap.c of owntone-server commit 334beb allows attackers to cause a Denial of Service DoS via sending a crafted DAAP request to the server...

CVE-2025-57156

NULL pointer dereference in the dacpreplyplayqueueeditclear function in src/httpddacp.c in owntone-server through commit 6d604a1 newer commit after version 28.12 allows remote attackers to cause a Denial of Service crash...

CVE-2025-57156

Summary (CVE-2025-57156) : A NULL pointer dereference in the owntone-server component, specifically in the dacp_reply_playqueueedit_clear function in src/httpd_dacp.c, can be triggered by a remote attacker through commits up to 6d604a1 (post-version 28.12). This vulnerability allows remote Denial...

MiracleLinux 9 : qemu-kvm-7.0.0-13.el9 (AXSA:2023-4972:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4972:01 advisory. QEMU: hcd-ehci: DMA reentrancy issue leads to use-after-free CVE-2021-3750 QEMU: fdc: heap buffer overflow in DMA read data transfers CVE-2021-3507...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-52430)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-53592)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following...

MiracleLinux 8 : curl-7.61.1-18.el8 (AXSA:2021-1956:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1956:03 advisory. curl: FTP PASV command response can cause curl to connect to arbitrary host CVE-2020-8284 curl: Malicious FTP server can trigger stack overflow when...