80300 matches found
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2026-24481: Possible Heap Information Disclosure in PSD ZIP Decompression bsc1258743. CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion bsc1258790. CVE-2026-24485: denial of service via malforme...
SUSE-SU-2026:0853-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2026-24481: Possible Heap Information Disclosure in PSD ZIP Decompression bsc1258743. - CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion bsc1258790. - CVE-2026-24485: denial of service via...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2026-24481: Possible Heap Information Disclosure in PSD ZIP Decompression bsc1258743. CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion bsc1258790. CVE-2026-24485: denial of service via malforme...
SUSE-SU-2026:0852-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2026-24481: Possible Heap Information Disclosure in PSD ZIP Decompression bsc1258743. - CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion bsc1258790. - CVE-2026-24485: denial of service via...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2026-24481: Possible Heap Information Disclosure in PSD ZIP Decompression bsc1258743. CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion bsc1258790. CVE-2026-24485: denial of service via malforme...
firefox: thunderbird: Invalid pointer in the JavaScript Engine component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Invalid pointer in the JavaScript Engine component...
CVE-2026-2261
Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked, but this child dereferences a null pointer and crashes...
EUVD-2025-208405
In some cases, the tcp-setmss handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference. Maliciously crafted packets sent from a remote host ma...
EUVD-2025-208406
In some cases, the tcp-setmss handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference. Maliciously crafted packets sent from a remote host ma...
CVE-2025-14769
In some cases, the tcp-setmss handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference. Maliciously crafted packets sent from a remote host ma...
CVE-2025-14769 ipfw denial of service
In some cases, the tcp-setmss handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference. Maliciously crafted packets sent from a remote host ma...
firefox: thunderbird: Invalid pointer in the JavaScript Engine component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Invalid pointer in the JavaScript Engine component...
CLSA-2026-1773051259 libtiff: Fix of CVE-2025-61143
CVE-2025-61143: fix OOB in tiffdither and fix null pointer dereference in tiffcrop...
OPENSUSE-SU-2026:20337-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2026-22770: improper pointer initialization can cause denial of service bsc1256969. - CVE-2026-23874: manipulation of digital images can lead to stack overflow bsc1256976. - CVE-2026-23876: ImageMagick: maliciously crafted image can le...
kernel: net: af_can: do not leave a dangling sk pointer in can_create()
In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocated sk object, but sockinitdata has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock...
CVE-2026-3665
A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsxconsumer::readofficedocument of the file source/detail/serialization/xlsxconsumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. Th...
CVE-2026-29781
Sliver is a command and control framework that uses a custom Wireguard netstack. In versions from 1.7.3 and prior, a vulnerability exists in the Sliver C2 server's Protobuf unmarshalling logic due to a systemic lack of nil-pointer validation. By extracting valid implant credentials and omitting...
firefox: thunderbird: Invalid pointer in the JavaScript Engine component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Invalid pointer in the JavaScript Engine component...
firefox: thunderbird: Invalid pointer in the JavaScript Engine component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Invalid pointer in the JavaScript Engine component...
firefox: thunderbird: Invalid pointer in the JavaScript Engine component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Invalid pointer in the JavaScript Engine component...