80118 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-31421
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: clsfw: fix NULL pointer dereference on shared blocks The old-method path in fwclassify calls tcfblockq and dereferences q-handle. Shared blocks leave...
PT-2026-32347
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the fw classify function when an empty cls fw filter is attached to a shared block and a packet with a nonzero major skb mark is classified. This...
SUSE-SU-2026:1274-1 Security update for the Linux Kernel (Live Patch 19 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.84 fixes various security issues The following security issues were fixed: - CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf bsc1256780. - CVE-2026-22999: net/sched: schqfq: do not fr...
OESA-2026-1886 expat security update
expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.CVE-2026-32776 libexpat...
OESA-2026-1885 expat security update
expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.CVE-2026-32776 libexpat...
OESA-2026-1884 expat security update
expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.CVE-2026-32776 libexpat...
OESA-2026-1883 expat security update
expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.CVE-2026-32776 libexpat...
OESA-2026-1882 expat security update
expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.CVE-2026-32776 libexpat...
Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo
...
SUSE-SU-2026:1262-1 Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.31 fixes various security issues The following security issues were fixed: - CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc bsc1258051. - CVE-2026-23111: netfilter: nftables: fix inverted genmask check i...
EUVD-2026-21380
NASM contains a heap use after free vulnerability in response file -@ processing where a dangling pointer to freed memory is stored in the global dependfile and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or unexpected behavior...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free in the response file processing due to a dangling pointer to freed memory being stored in the global dependfile and later dereferenced after the response-file buffer is freed. An attacker can cause data corruption or...
Security update for openssl-1_0_0
This update for openssl-100 fixes the following issues: CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo...
DEBIAN-CVE-2026-6068
NASM contains a heap use after free vulnerability in response file -@ processing where a dangling pointer to freed memory is stored in the global dependfile and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code executi...
CVE-2026-6068
NASM contains a heap use after free vulnerability in response file -@ processing where a dangling pointer to freed memory is stored in the global dependfile and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code executi...
UBUNTU-CVE-2026-6068
NASM contains a heap use after free vulnerability in response file -@ processing where a dangling pointer to freed memory is stored in the global dependfile and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code executi...
CVE-2026-6068 CVE-2026-6068
NASM contains a heap use after free vulnerability in response file -@ processing where a dangling pointer to freed memory is stored in the global dependfile and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code executi...
CVE-2026-6068
CVE-2026-6068 affects NASM. A heap-use-after-free in response file processing (-@) stores a dangling pointer to freed memory in the global depend_file, which is later dereferenced after the response-file buffer is freed. This can cause data corruption and, per sources, may enable remote code exec...
CVE-2026-28388
A flaw was found in OpenSSL. When processing a malformed delta Certificate Revocation List CRL that lacks a required CRL Number extension, a NULL pointer dereference can occur. This vulnerability can be exploited by a remote attacker who provides a specially crafted delta CRL to an application th...
CVE-2026-28389
A flaw was found in OpenSSL. A remote attacker could exploit this by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message with KeyAgreeRecipientInfo. This vulnerability arises because the software attempts to process an optional field without verifying its existence,...