CVE-2026-6526

The CVE-2026-6526 entry concerns a NULL pointer dereference in the RTSP protocol dissector of Wireshark, affecting versions 4.6.0 through 4.6.4. This crash is the defined impact, with CVSSv3.1 metrics indicating Local attack vector, Low attack complexity, requiring user interaction, and a High av...

CVE-2026-6524 Access of Uninitialized Pointer in Wireshark

MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-6524

The CVE-2026-6524 entry documents a crash in Wireshark’s MySQL protocol dissector, affecting Wireshark versions 4.6.0–4.6.4 and 4.4.0–4.4.14 due to an access of an uninitialized pointer, leading to denial of service. The affected component is the MySQL protocol dissector; the exact root cause is ...

CVE-2026-6524 Access of Uninitialized Pointer in Wireshark

MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-6870 Access of Uninitialized Pointer in Wireshark

GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-6870

Wireshark GSM RP protocol dissector contains a crash that enables denial of service in versions 4.6.0–4.6.4 and 4.4.0–4.4.14. The issue is triggered in the dissector code for GSM RP, as reported in the CVE entry and the associated CVE list records. Exploitation details, root cause specifics, affe...

CVE-2026-6870 Access of Uninitialized Pointer in Wireshark

GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-7376 NULL Pointer Dereference in Wireshark

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-7376 NULL Pointer Dereference in Wireshark

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-7376

The vulnerability CVE-2026-7376 affects the sharkd component of Wireshark, with crashes that can cause denial of service. Affected versions are 4.6.0–4.6.4 and 4.4.0–4.4.14. The available sources (SUSE, Red Hat, NVD, Debian OSV, CVE listings) confirm the crash as the impact. Root cause details ar...

Exploit-Dev-Lab-Vulnserver-TRUN

Buffer Overflow Exploitation — Vulnserver TRUN Ty...

PT-2026-36085

Name of the Vulnerable Software and Affected Versions ASR1903 affected versions not specified Description A NULL pointer dereference in the ims client modules of ASR Lapwing Linux on Linux allows pointer manipulation. This issue is associated with the program file 'sip/utils/src/sipuri.c'. A NULL...

PT-2026-36195

Name of the Vulnerable Software and Affected Versions Exim versions prior to 4.99.2 Description On systems using musl libc instead of glibc, an attacker can crash the connection instance by providing malformed DNS data in PTR records. This issue stems from an oddity in octal printing within the d...

EUVD-2026-26442

In Exim before 4.99.2, on systems using musl libc not glibc, an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dnexpand oddity in octal printing...

CVE-2026-40684

In Exim before 4.99.2, on systems using musl libc not glibc, an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dnexpand oddity in octal printing...

ASR Lapwing_Linux 代码问题漏洞

ASR LapwingLinux is a device firmware developed by ASR Corporation. ASR LapwingLinux has a code vulnerability that stems from a null pointer dereferencing in the imsclient module, which may lead to pointer-related issues...

CVE-2026-40684

In Exim before 4.99.2, on systems using musl libc not glibc, an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dnexpand oddity in octal printing...

RockyLinux 8 : firefox (RLSA-2026:10766)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:10766 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScri...

CVE-2026-40684

In Exim before 4.99.2, on systems using musl libc (not glibc), a vulnerability can crash the connection instance when malformed DNS PTR data is present. The issue arises from a dn_expand octal printing oddity in the handling of PTR records, as described in multiple sources. Affected software/comp...

Medium: openssl

Issue Overview: NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388 Possible NULL dereference when processing CMS KeyAgreeRecipientInfo CVE-2026-28389 Possible NULL dereference when processing CMS KeyTransportRecipientInfo...