Zephyr 安全漏洞

Zephyr is an extensible real-time operating system RTOS open-sourced by Zephyr. A security vulnerability exists in Zephyr that stems from the ability to point to the previous byte of a string pointer if the lastbytep string is null...

The vulnerability of the gsmi component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the gsmi component in the Linux operating system’s kernel is related to the assignment of NULL pointers. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of Nilfs2 components in the Linux operating system’s kernel, related to the assignment of NULL pointers, allows attackers to trigger a service failure.

The vulnerability of nilfs2 components in the Linux operating system’s kernel is related to the assignment of NULL pointers. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Windows Networking (WNet) service in Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the Windows Networking WNet service in Windows operating systems is related to the use of the NULL pointer pointer. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

NewStart CGSL MAIN 6.02 : libxml2 Multiple Vulnerabilities (NS-SA-2024-0055)

The remote NewStart CGSL host, running version MAIN 6.02, has libxml2 packages installed that are affected by multiple vulnerabilities: - A Cross-site scripting XSS vulnerability was found in libxml2. A specially crafted input, when serialized and re-parsed by the libxml2 library, will result in ...

CVE-2023-51368

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to launch a denial-of-service DoS attack via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722...

CVE-2024-45006

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration re-enumerating full-speed devices after a failed address device command can trigger a NULL pointer dereference. Full-speed devices may need to reconfigure th...

CVE-2024-42307

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential null pointer use in destroyworkqueue in initcifs error path Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 initcifs error: we previously assumed 'serverclosewq' could be nul...

CVE-2024-42307

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential null pointer use in destroyworkqueue in initcifs error path Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 initcifs error: we previously assumed 'serverclosewq' could be nul...

CVE-2024-42478

llama.cpp provides LLM inference in C/C++. The unsafe data pointer member in the rpctensor structure can cause arbitrary address reading. This vulnerability is fixed in b3561...

CVE-2024-42479

In llama.cpp, a vulnerability exists in the unsafe data pointer member of the rpc_tensor structure, enabling arbitrary address writes via rpc_server::set_tensor. The issue is a code-level flaw in LLM inference code paths written in C/C++, with a root cause tied to the data pointer in the rpc_tens...

Zabbix 安全漏洞

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. A security vulnerability exists in Zabbix versions 6.0.30, 6.4.15, and 7.0.0 that stems from a user being able to directly modify memory...

CVE-2024-41089

CVE-2024-41089 relates to the Linux kernel DRM/Nouveau code path: in nv17_tv_get_hd_modes(), the return of drm_mode_duplicate() (and drm_cvt_mode()) could be NULL on failure, leading to a NULL pointer dereference. The fix adds a NULL check to avoid dereferencing a NULL mode object. Impact is a lo...

CVE-2024-40951

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix NULL pointer dereference in ocfs2aborttrigger bdev-bdsuper has been removed and commit 8887b94d9322 change the usage from bdev-bdsuper to bassocmap-host-isb. Since ocfs2 hasn't set bh-bassocmap, it will trigger NULL...

CVE-2024-40982

CVE-2024-40982 affects the Linux kernel in the ssb_device_uevent() path where a NULL pointer could be dereferenced before a NULL check. The fix moves the NULL check before dereferencing, mitigating the issue. In Mariner 2.0, kernels older than 5.15.176.3-2 are affected; upgrading to 5.15.176.3-2 ...

Siemens JT Open Toolkit 代码问题漏洞

The Siemens JT Open Toolkit Siemens JTTK is a C++ application programming interface API from Siemens, Germany.The PLM XML SDK is a lightweight, flexible mechanism for product data transfer. It supports an adapter-based approach to transform data from any source into an XML representation. A null...

CVE-2021-47540

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix NULL pointer dereference in mt7915getphymode Fix the following NULL pointer dereference in mt7915getphymode routine adding an ibss interface to the mt7915 driver. 101.137097 wlan0: Trigger new scan to find an IB...

CVE-2023-52833

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Add date-evtskb is NULL check fix crash because of null pointers 6104.969662 BUG: kernel NULL pointer dereference, address: 00000000000000c8 6104.969667 PF: supervisor read access in kernel mode 6104.969668 PF:...

CVE-2023-52808 scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Set debugfsdir pointer to NULL after removing debugfs If init debugfs failed during device registration due to memory allocation failure, debugfsremoverecursive is called, after which debugfsdir is not set to NULL...

CVE-2021-47269

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: ep0: fix NULL pointer exception There is no validation of the index from dwc3wIndextodep and we might be referring a non-existing ep and trigger a NULL pointer exception. In certain configurations we might use fewer ep...