ROS-20260515-73-0005

A vulnerability in the opcryptkeycallback function of the Firebird database management system is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVE-2026-44638

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a wrong NULL check after an allocation call in sixeldecoderaw and sixeldecode causes a NULL pointer dereference whenever the allocation fails. The check tests the address of the output parameter alway...

CVE-2026-44638

CVE-2026-44638 affects the libsixel SIXEL encoder/decoder. A wrong NULL check after allocation in sixel_decode_raw and sixel_decode causes a NULL pointer dereference when allocation fails, enabling a denial-of-service for callers under low-memory conditions. The issue stems from testing the addre...

CVE-2026-44638

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a wrong NULL check after an allocation call in sixeldecoderaw and sixeldecode causes a NULL pointer dereference whenever the allocation fails. The check tests the address of the output parameter alway...

CVE-2025-62627

An untrusted pointer dereference in the ionic cloud driver for VMWare ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting in loss of confidentiality or availability...

CLSA-2026-1778787692 Fix CVE(s): CVE-2026-7258, CVE-2026-7262, CVE-2026-7568

SECURITY UPDATE: NULL pointer dereference in SOAP apache:Map decoder - debian/patches/CVE-2026-7262.patch: fix wrong variable checked in tozvalmap NULL check, changing if !xmlKey to if !xmlValue - CVE-2026-7262 SECURITY UPDATE: Signed integer overflow in metaphone char array offset -...

krb5 security update

An update is available for krb5. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kerberos is a network authentication system, which can improve the security of...

PT-2026-41034

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a wrong NULL check after an allocation call in sixel decode raw and sixel decode causes a NULL pointer dereference whenever the allocation fails. The check tests the address of the output parameter...

MiracleLinux 8 : krb5-1.18.2-34.el8_10 (AXSA:2026-613:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-613:03 advisory. krb5: MIT Kerberos 5 krb5: Denial of Service via integer underflow and out-of-bounds read CVE-2026-40356 krb5: MIT Kerberos 5: Denial of Service via...

CVE-2026-34339

Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service locally...

CVE-2026-34350

Null pointer dereference in Windows Storport Miniport Driver allows an unauthorized attacker to deny service over a network...

CVE-2026-40413

Windows TCP/IP Denial of Service Vulnerability...

CVE-2026-40401

Windows TCP/IP Denial of Service Vulnerability...

CVE-2026-40367

Access of resource using incompatible type 'type confusion' in Microsoft Office Word allows an unauthorized attacker to execute code locally...

CVE-2025-62627

An untrusted pointer dereference in the ionic cloud driver for VMWare ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting in loss of confidentiality or availability...

CVE-2025-62627

Vulnerability CVE-2025-62627 describes an untrusted pointer dereference in AMD Ionic cloud driver used with VMware ESXi/ESX hosts (AMD-Pensando DPU integration). This could allow an unprivileged VM to read kernel memory or memory of co-located VMs, exposing confidentiality and impacting availabil...

VMware ESXi 安全漏洞

VMware ESXi is a server virtualization platform developed by the American company VMware, which can be directly installed on physical servers. VMware ESXi has a security vulnerability that stems from unreliable pointer dereferencing. This vulnerability could allow attackers to access kernel memor...

ALSA-2026:16799 Important: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

AlmaLinux 8 : krb5 (ALSA-2026:16799)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:16799 advisory. krb5: MIT Kerberos 5 krb5: Denial of Service via integer underflow and out-of-bounds read CVE-2026-40356 krb5: MIT Kerberos 5: Denial of Service via NULL...

CVE-2026-28985

A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to cause a denial-of-service...