80263 matches found
EUVD-2026-14463
A NULL pointer dereference in the daapreplyplaylists function src/httpddaap.c of owntone-server commit 3d1652d allows attackers to cause a Denial of Service DoS via sending a crafted DAAP request to the server...
EUVD-2026-14465
A NULL pointer dereference in the safeatou64 function src/misc.c of owntone-server through commit c4d57aa allows attackers to cause a Denial of Service DoS via sending a series of crafted HTTP requests to the server...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the NGAP Location Report message handling process. An attacker can cause the application to panic and potentially crash by sending a specially crafted, malformed message. Remediation Upgrade...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the ULNASTransport message handler when processing malformed messages that lack a Request Type. An attacker can cause the application to panic and potentially disrupt service by sending specially crafted...
Missing Default Case in Switch Statement
Overview Affected versions of this package are vulnerable to Missing Default Case in Switch Statement in the DataChangeNotification process due to a nil pointer dereference. An attacker can cause a panic and disrupt service availability by triggering this process with crafted input. Remediation...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the ULNASTransport message handler when processing malformed messages that lack a Request Type. An attacker can cause the application to panic and potentially disrupt service by sending specially crafted...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the UEAuthentication process when a nil SuciSupiMap interface is converted. An attacker can cause the application to panic and terminate unexpectedly by sending specially crafted authentication requests...
Missing Default Case in Switch Statement
Overview Affected versions of this package are vulnerable to Missing Default Case in Switch Statement in the DataChangeNotification process due to a nil pointer dereference. An attacker can cause a panic and disrupt service availability by triggering this process with crafted input. Remediation...
GO-2026-4757 free5GC UDM DataChangeNotification Procedure Panic Due to Nil Pointer Dereference in github.com/free5gc/udm
free5GC UDM DataChangeNotification Procedure Panic Due to Nil Pointer Dereference in github.com/free5gc/udm...
CVE-2026-26829
A NULL pointer dereference in the safeatou64 function src/misc.c of owntone-server through commit c4d57aa allows attackers to cause a Denial of Service DoS via sending a series of crafted HTTP requests to the server...
CVE-2026-26828
A NULL pointer dereference in the daapreplyplaylists function src/httpddaap.c of owntone-server commit 3d1652d allows attackers to cause a Denial of Service DoS via sending a crafted DAAP request to the server...
Security update for the Linux Kernel (Live Patch 37 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.153 fixes various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255595. CVE-2023-53781: smc: Fix use-after-free in tcpwritetimerhandl...
SUSE-SU-2026:0983-1 Security update for the Linux Kernel (Live Patch 37 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.153 fixes various security issues The following security issues were fixed: - CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255595. - CVE-2023-53781: smc: Fix use-after-free in...
Security update for the Linux Kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.290 fixes various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255595. CVE-2022-50756: nvme-pci: fix mempool alloc size bsc1256217...
SUSE-SU-2026:0967-1 Security update for the Linux Kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.290 fixes various security issues The following security issues were fixed: - CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255595. - CVE-2022-50756: nvme-pci: fix mempool alloc size bsc1256217. -...
CLSA-2026-1774273237 libtiff: Fix of CVE-2025-61143
CVE-2025-61143: fix NULL pointer dereference in tiffcrop add null checks and pointer validation, prevent crash...
golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS
A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSHAGENTSUCCESS 0x06 message to requests expecting typed replies e.g., List, Sign. The unmarshal layer produces an unexpected message type, which the client code does not handle,...
PT-2026-27147
A NULL pointer dereference in the safe atou64 function src/misc.c of owntone-server through commit c4d57aa allows attackers to cause a Denial of Service DoS via sending a series of crafted HTTP requests to the server...
CVE-2026-26829
CVE-2026-26829 affects owntone-server. A NULL pointer dereference in safe_atou64 (src/misc.c) introduced via commit c4d57aa can cause DoS when processing crafted HTTP requests. Public details include a PoC and advisory references, indicating exploitability publicly in some contexts. The CVSS v3.1...
CVE-2026-26829
A NULL pointer dereference in the safeatou64 function src/misc.c of owntone-server through commit c4d57aa allows attackers to cause a Denial of Service DoS via sending a series of crafted HTTP requests to the server...