CVE-2025-48722

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...

CVE-2025-47205

A NULL pointer dereference vulnerability affecting several QNAP OS lines. An attacker who already has an administrator account can trigger a network-based DoS on affected systems. Affected products include QTS 5.2.8.3332 build 20251128 and later, and QuTS hero h5.2.8.3321 build 20251117 and later...

PT-2026-7544

Name of the Vulnerable Software and Affected Versions Qsync Central versions prior to 5.0.0.4 Description A flaw exists in Qsync Central that, if exploited by a remote attacker with a user account, could lead to a denial-of-service DoS attack. The issue is due to a NULL pointer dereference...

CVE-2026-1973 Free5GC SMF establishPfcpSession null pointer dereference

A vulnerability was determined in Free5GC up to 4.1.0. The impacted element is the function establishPfcpSession of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. I...

ROS-20260205-73-0006

A vulnerability in the tlsstrpflushanchorcopy function of the Linux kernel is related to a pointer dereferencing error. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CentOS 9 : kernel-5.14.0-669.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-669.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when...

php: pgsql extension does not check for errors during escaping

A flaw was found in PHP. Missing error checking could result in SQL injection, and missing error handling could lead to crashes due to null pointer dereferences...

GPAC code-related vulnerabilities

GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC prior to 2.4.0 have code vulnerabilities. These vulnerabilities stem from incorrect handling of parameters in the Name field in the src/mediatools/mediaexport.c file, which may lead to null pointer dereferencing...

CVE-2025-66720

Null pointer dereference in free5gc pcf 1.4.0 in file internal/sbi/processor/ampolicy.go in function HandleDeletePoliciesPolAssoId...

CVE-2025-66720

Null pointer dereference in free5gc pcf 1.4.0 in file internal/sbi/processor/ampolicy.go in function HandleDeletePoliciesPolAssoId...

CVE-2025-57155

NULL pointer dereference in the daapreplygroups function in src/httpddaap.c in owntone-server through commit 5e6f19a newer commit after version 28.2 allows remote attackers to cause a Denial of Service...

CVE-2025-63647

A NULL pointer dereference in the parsemeta function src/httpddaap.c of owntone-server commit 334beb allows attackers to cause a Denial of Service DoS via sending a crafted DAAP request to the server...

CVE-2025-63648

A NULL pointer dereference in the dacpreplyplayqueueeditmove function src/httpddacp.c of owntone-server commit b7e385f allows attackers to cause a Denial of Service DoS via sending a crafted DACP request to the server...

MiracleLinux 8 : net-snmp-5.8-27.el8 (AXSA:2023-5698:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5698:03 advisory. net-snmp: NULL Pointer Exception when handling ipDefaultTTL CVE-2022-44792 net-snmp: NULL Pointer Exception when handling pv6IpForwarding...

MiracleLinux 7 : libtiff-4.0.3-35.0.2.el7.AXS7 (AXSA:2024-8988:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8988:07 advisory. CVE-2024-7006: check return value of TIFFCreateAnonField CVEs: CVE-2024-7006 A null pointer dereference flaw was found in Libtiff via tifdirinfo.c. This issu...

CVE-2025-71124

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: move preemptpreparepostamble after error check Move the call to preemptpreparepostamble after verifying that preemptpostambleptr is valid. If preemptpostambleptr is NULL, dereferencing it in preemptpreparepostamble...

ROS-20260114-7310

A vulnerability in the otx2flows.c component of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: mtk-cci: Fixed the potential error pointer dereferencing in the probe function. The drv-sramreg pointer could potentially be set to ERRPTR-EPROBEDEFER, which would lead to an error pointer dereferencing. Use...

CVE-2025-15504

A security flaw has been discovered in lief-project LIEF up to 0.17.1. Affected by this issue is the function Parser::parsebinary of the file src/ELF/Parser.tcc of the component ELF Binary Parser. The manipulation results in null pointer dereference. The attack must be initiated from a local...

CVE-2026-21502

CVE-2026-21502 affects iccDEV: prior to version 2.3.1.2, the XML tag parser can dereference a NULL pointer. This vulnerability is patched in 2.3.1.2. Red Hat and other sources confirm the issue and remediation is to upgrade to 2.3.1.2 or later. Impact details specify a NULL pointer dereference in...