CVE-2026-6870 Access of Uninitialized Pointer in Wireshark

GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-6870

Wireshark GSM RP protocol dissector contains a crash that enables denial of service in versions 4.6.0–4.6.4 and 4.4.0–4.4.14. The issue is triggered in the dissector code for GSM RP, as reported in the CVE entry and the associated CVE list records. Exploitation details, root cause specifics, affe...

CVE-2026-7376 NULL Pointer Dereference in Wireshark

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-7376 NULL Pointer Dereference in Wireshark

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-7376

The vulnerability CVE-2026-7376 affects the sharkd component of Wireshark, with crashes that can cause denial of service. Affected versions are 4.6.0–4.6.4 and 4.4.0–4.4.14. The available sources (SUSE, Red Hat, NVD, Debian OSV, CVE listings) confirm the crash as the impact. Root cause details ar...

Exploit-Dev-Lab-Vulnserver-TRUN

Buffer Overflow Exploitation — Vulnserver TRUN Ty...

PT-2026-36085

Name of the Vulnerable Software and Affected Versions ASR1903 affected versions not specified Description A NULL pointer dereference in the ims client modules of ASR Lapwing Linux on Linux allows pointer manipulation. This issue is associated with the program file 'sip/utils/src/sipuri.c'. A NULL...

PT-2026-36195

Name of the Vulnerable Software and Affected Versions Exim versions prior to 4.99.2 Description On systems using musl libc instead of glibc, an attacker can crash the connection instance by providing malformed DNS data in PTR records. This issue stems from an oddity in octal printing within the d...

EUVD-2026-26442

In Exim before 4.99.2, on systems using musl libc not glibc, an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dnexpand oddity in octal printing...

CVE-2026-40684

In Exim before 4.99.2, on systems using musl libc not glibc, an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dnexpand oddity in octal printing...

Medium: openssl

Issue Overview: NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388 Possible NULL dereference when processing CMS KeyAgreeRecipientInfo CVE-2026-28389 Possible NULL dereference when processing CMS KeyTransportRecipientInfo...

Medium: openssl-snapsafe

Issue Overview: NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388 Possible NULL dereference when processing CMS KeyAgreeRecipientInfo CVE-2026-28389 Possible NULL dereference when processing CMS KeyTransportRecipientInfo...

ASR Lapwing_Linux 代码问题漏洞

ASR LapwingLinux is a device firmware developed by ASR Corporation. ASR LapwingLinux has a code vulnerability that stems from a null pointer dereferencing in the imsclient module, which may lead to pointer-related issues...

CVE-2026-40684

In Exim before 4.99.2, on systems using musl libc (not glibc), a vulnerability can crash the connection instance when malformed DNS PTR data is present. The issue arises from a dn_expand octal printing oddity in the handling of PTR records, as described in multiple sources. Affected software/comp...

CVE-2026-40684

In Exim before 4.99.2, on systems using musl libc not glibc, an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dnexpand oddity in octal printing...

CVE-2026-40684

In Exim before 4.99.2, on systems using musl libc not glibc, an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dnexpand oddity in octal printing...

RockyLinux 8 : firefox (RLSA-2026:10766)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:10766 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScri...

GoBGP has Remote Denial of Service (Panic) via Malformed Well-known Path Attribute

Summary A remote Denial of Service DoS vulnerability exists in GoBGP due to a nil pointer dereference. When a malformed BGP UPDATE message contains an unrecognized Path Attribute marked as "Well-known," the daemon fails to interrupt the message handling flow. This results in an illegal memory...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the recvMessageloop process. An attacker can cause the daemon to crash by sending a specially crafted BGP UPDATE message containing an unrecognized Path Attribute marked as "Well-known," which leads to a nil...

GHSA-7235-89M6-F4PX GoBGP has Remote Denial of Service (Panic) via Malformed Well-known Path Attribute

Summary A remote Denial of Service DoS vulnerability exists in GoBGP due to a nil pointer dereference. When a malformed BGP UPDATE message contains an unrecognized Path Attribute marked as "Well-known," the daemon fails to interrupt the message handling flow. This results in an illegal memory...