PT-2025-51987

Name of the Vulnerable Software and Affected Versions OFFIS DCMTK versions up to 3.6.9 Description A flaw exists in the DCMTK library, specifically within the DcmQueryRetrieveIndexDatabaseHandle::startFindRequest and DcmQueryRetrieveIndexDatabaseHandle::startMoveRequest functions located in the...

EulerOS Virtualization 2.13.0 : gnutls (EulerOS-SA-2025-2576)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of...

Linux Distros Unpatched Vulnerability : CVE-2025-14841

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in OFFIS DCMTK up to 3.6.9. The impacted element is the function DcmQueryRetrieveInd...

CVE-2025-65563

A denial-of-service vulnerability exists in the omec-project UPF component upf-epc/pfcpiface up to at least version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory NodeID Information Element, the association setup handler...

UPF 安全漏洞

UPF is an open source user interface from the Aether SD-Core Project. A security vulnerability exists in UPF that originates from dereferencing a null pointer when processing a PFCP association setup request that lacks a recovery timestamp, which could result in a denial of service...

CVE-2025-65564

A denial-of-service vulnerability exists in the omec-upf upf-epc-pfcpiface in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory Recovery Time Stamp Information Element, the association setup handler dereferences a nil pointer...

PT-2025-52512

CVE-2025-14319 - Here is the title: Apache HTTP Server NULL Pointer Dereference Vulnerability CVE ID : CVE-2025-14319 Published : Dec. 17, 2025, 11:15 p.m. | 53 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA...

EulerOS Virtualization 2.13.1 : openjpeg2 (EulerOS-SA-2025-2555)

According to the versions of the openjpeg2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c.CVE-2025-50952 Tenable has...

RHEL 7 : audiofile (RHSA-2025:23457)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:23457 advisory. The Audio File library is an implementation of the Audio File Library from SGI, which provides an API for accessing audio file formats like...

EulerOS Virtualization 2.13.0 : openjpeg2 (EulerOS-SA-2025-2590)

According to the versions of the openjpeg2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c.CVE-2025-50952 Tenable has...

EUVD-2025-203929

RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things IoT devices and other embedded devices. A vulnerability was discovered in the IPv6 fragmentation reassembly implementation of RIOT OS v2025.07. When receiving an fragmented IPv6 packe...

SUSE-SU-2025:4426-1 Security update for xkbcomp

This update for xkbcomp fixes the following issues: - CVE-2018-15863: NULL pointer dereference triggered by a a crafted keymap file with a no-op modmask expression can lead to a crash bsc1105832. - CVE-2018-15861: NULL pointer dereference triggered by a crafted keymap file that induces an...

kernel: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()

A null pointer dereference exists in the linux kernel such that in objstockflushrequired:stock-cachedobjcg can be reset between the check and dereference, resulting in damage to the availability of the system...

CVE-2025-62848

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3297 build...

SUSE CVE-2025-68176

In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdnspcie::ops before using it cdnspcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doesn't set the ops...

Linux Distros Unpatched Vulnerability : CVE-2025-40346

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - archtopology: Fix incorrect error check in topologyparsecpucapacity Fix incorrect use of PTRERRORZERO in topologyparsecpucapacity which causes the code to proce...

PT-2025-51879

Name of the Vulnerable Software and Affected Versions Sante PACS Server affected versions not specified Description A flaw exists in the handling of the HTTP Content-Length header within Sante PACS Server. The issue stems from insufficient validation of a pointer before access, potentially leadin...

SUSE SLES12 Security Update : xkbcomp (SUSE-SU-2025:4407-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4407-1 advisory. - CVE-2018-15863: NULL pointer dereference triggered by a a crafted keymap file with a no-op modmask expression can lead to a crash bsc1105832....

SUSE SLES12 Security Update : libssh (SUSE-SU-2025:4408-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:4408-1 advisory. - CVE-2025-8114: Fixed a NULL pointer dereference when calculating session ID during KEX. bsc1246974 Tenable has extracted the preceding description...

CVE-2025-68274

CVE-2025-68274 describes a nil pointer dereference in the SIPGO library when building SIP responses with NewResponseFromRequest, triggered if the incoming SIP request is missing a To header. The issue can cause a remote attacker to crash SIP applications that use this function, effectively a deni...