79831 matches found
DEBIAN-CVE-2025-55657
A NULL pointer dereference in the gfodfvvccfgwritebs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
DEBIAN-CVE-2025-55651
A NULL pointer dereference in the gfisomgetuserdatacount function isomedia/isomread.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
DEBIAN-CVE-2025-55659
A NULL pointer dereference in the cttsboxwrite function isomedia/boxcodebase.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
CVE-2025-55657
A NULL pointer dereference in the gfodfvvccfgwritebs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
CVE-2025-55651
A NULL pointer dereference in the gfisomgetuserdatacount function isomedia/isomread.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
CVE-2025-55659
A NULL pointer dereference in the cttsboxwrite function isomedia/boxcodebase.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
UBUNTU-CVE-2025-55651
A NULL pointer dereference in the gfisomgetuserdatacount function isomedia/isomread.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
UBUNTU-CVE-2025-55657
A NULL pointer dereference in the gfodfvvccfgwritebs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
UBUNTU-CVE-2025-55659
A NULL pointer dereference in the cttsboxwrite function isomedia/boxcodebase.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the QUIC server when address validation is disabled. An attacker can crash the server by sending an initial packet with an invalid or expired token. Address validation is enabled by default, so this is...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the osslcmsRecipientInfopwricrypt function. An attacker who supplies a malicious password-encrypted CMS message can crash an application, because the PasswordRecipientInfo.keyDerivationAlgorithm field is...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference during OCSP response checking. When a verification chain lacks a self-signed trusted anchor, the issuer of the last certificate is NULL, but the OCSP code accesses the next certificate as the issuer, dereferenci...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in OSSLCRMFENCRYPTEDVALUEdecrypt. An attacker in a MitM position can return a CRMF CertRepMessage whose EncryptedValue carries a symmAlg field with an algorithm OID but no parameters, dereferencing NULL when the...
EUVD-2026-35690
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...
EUVD-2026-35652
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...
EUVD-2026-35649
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...
EUVD-2026-35540
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...
EUVD-2026-35483
Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application crash and a Denial of Service. The CMS PasswordRecipientInfo.keyDerivationAlgorithm field is define...
EUVD-2026-35482
Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a self-signed trusted anchor, crashing the process. Impact summary: A NULL pointer dereference can...
CVE-2026-34703
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this...