34343 matches found
kernel: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sofipcmsgdata The nullity of sps-cstream should be checked similarly as it is done in sofsetstreamdataoffset function. Assuming that it is not NULL if sps-stream is NULL is...
kernel: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btbcm: Fix NULL deref in btbcmgetboardname devmkstrdup can return a NULL pointer on failure,but this returned value in btbcmgetboardname is not checked. Add NULL check in btbcmgetboardname, to handle kernel NULL pointe...
kernel: usb: xhci: Fix NULL pointer dereference on certain command aborts
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix NULL pointer dereference on certain command aborts If a command is queued to the final usable TRB of a ring segment, the enqueue pointer is advanced to the subsequent link TRB and no further. If the command is late...
kernel: smb: client: Add check for next_buffer in receive_encrypted_standard()
In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for nextbuffer in receiveencryptedstandard Add check for the return value of cifsbufget and cifssmallbufget in receiveencryptedstandard to prevent null pointer dereference...
kernel: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sofipcmsgdata The nullity of sps-cstream should be checked similarly as it is done in sofsetstreamdataoffset function. Assuming that it is not NULL if sps-stream is NULL is...
Windows Remote Desktop Services Elevation of Privilege Vulnerability
Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally...
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
Microsoft Excel Information Disclosure Vulnerability
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network...
Microsoft Excel Remote Code Execution Vulnerability
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
PT-2025-46404
Name of the Vulnerable Software and Affected Versions IntelR QAT Windows software versions prior to 2.6.0 Description A null pointer dereference issue exists in some IntelR QAT Windows software. This can potentially lead to a denial of service. A system software adversary with an authenticated us...
Intel QAT 安全漏洞
Intel QAT Windows software refers to the collection of Intel® Data Protection and Compression Acceleration Technology software components that provide support for the Windows operating system. An untrusted pointer dereference vulnerability exists in Intel QAT Windows software, which can be...
PT-2025-46488
Name of the Vulnerable Software and Affected Versions Microsoft Office Excel affected versions not specified Description An issue exists in Microsoft Office Excel where an untrusted pointer dereference can allow an unauthorized attacker to disclose information over a network. Recommendations At t...
PT-2025-46430
Name of the Vulnerable Software and Affected Versions Intel QuickAssist Technology versions prior to 2.6.0 Description An issue exists in Intel QuickAssist Technology software that may allow an escalation of privilege. A local attacker with an authenticated user account and low complexity attack...
PT-2025-46466
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description An issue exists in Windows Remote Desktop where an untrusted pointer dereference can occur. A local attacker who successfully exploits this may be able to gain elevated privileges...
PT-2025-46407
Name of the Vulnerable Software and Affected Versions IntelR QAT Windows software versions prior to 2.6.0 Description An untrusted pointer dereference exists in some IntelR QAT Windows software. This issue, occurring within Ring 3: User Applications, may allow an information disclosure. A system...
Security Updates for Microsoft Office Online Server (November 2025)
The Microsoft Office Online Server installation on the remote host is missing security updates. It is, therefore, affected by the following vulnerabilities: - Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. CVE-2025-60726 - Out-of-boun...
PT-2025-46474
Name of the Vulnerable Software and Affected Versions Windows Routing and Remote Access Service RRAS affected versions not specified Description An issue exists in the Windows Routing and Remote Access Service RRAS where an untrusted pointer dereference can occur. This allows an authorized attack...
PT-2025-46495
Name of the Vulnerable Software and Affected Versions Microsoft Office Excel affected versions not specified Description An untrusted pointer dereference exists in Microsoft Office Excel, potentially allowing a local attacker to execute code. This issue could enable unauthorized code execution...
PT-2025-46480
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description An issue exists in the Windows Ancillary Function Driver for WinSock that allows a local attacker to gain elevated privileges. The problem is due to an untrusted pointer dereference. There is...
Advisory ROSA-SA-2025-3065
Software: libxml2 2.9.7 OS: ROSA Virtualization 2.1 unaffected versions = libxml2-2.9.7-21.0.1.rv3.3 affected versions libxml2-2.9.7-21.0.1.1.rv3.3 CVE-ID: CVE-2025-6021 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlBuildQName function of the Libxml2 library is related to a...