CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.16)
Produkty Emerson ValveLink przyjmują dane wejściowe, ale nie weryfikują lub błędnie weryfikują, czy te dane mają wymagane właściwości do bezpiecznego i poprawnego przetwarzania.
A NULL pointer dereference flaw was found in the GnuTLS library in the _gnutls_figure_common_ciphersuite() function.
An XSS vulnerability in the Admin Login page of Allworx System Software v9.1.9.12 allows attackers to inject arbitrary web scripts or HTML via the SessionID parameter in query.asp.
A heap-buffer-overflow (off-by-one) vulnerability was found in the GnuTLS software in the template parsing logic of the certtool utility. An attacker can exploit this to cause an out-of-bounds NULL pointer write, leading to memory corruption and a denial-of-service (DoS) that could crash the system.
A bug in the Linux kernel causes a crash in the icl_update_topdown_event() function on Intel RaptorLake machines. The issue occurs when the function is invoked on E-core CPUs that do not support the perf metrics feature, leading to a general protection fault and system hang. The bug was introduced by commit f9bdf1f95339, which mistakenly replaced is_topdown_count() with is_topdown_event().
A heap-buffer-overread vulnerability was found in GnuTLS when handling the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows an attacker to create a certificate with a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that may contain sensitive data. As a result, confidential information may be exposed when GnuTLS verifies certificates from certain websites if the SCT is not checked correctly.
A double-free vulnerability was found in GnuTLS in the export logic of Subject Alternative Name (SAN) entries containing an otherName. The flaw is due to incorrect ownership handling of ASN.1 nodes, leading to a double-free condition when the parent function later attempts to free the same structure.
Insufficient permission checks on critical fields within Bluetooth Low Energy (BLE) data packets were discovered in Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK 7.41.00.17. This vulnerability allows an attacker to cause a Denial of Service (DoS) via a crafted LL_Length_Req packet.
The Realtek RTL8762E SDK V1.4.0 was found to have insufficient permission checks on critical fields in Bluetooth Low Energy (BLE) data packets. This vulnerability allows an attacker to cause a Denial of Service (DoS) via a crafted LL_Length_Req packet.
SQL Injection vulnerability in Abis, Inc Adjutant Core Accounting ERP build PreBeta250F allows a remote attacker to obtain sensitive information via the cid parameter in a GET request.
FortiOS and FortiProxy have a vulnerability related to improperly implemented security checks that may allow a remote unauthenticated user to bypass the DNS filter using Apple devices.
W MbedTLS w wersjach od 3.3.0 do 3.6.4 funkcja mbedtls_lms_import_public_key nie sprawdza, czy bufor wejściowy ma co najmniej 4 bajty przed odczytem 32-bitowego pola, co może prowadzić do odczytu poza granicami na skróconym wejściu. Atakujący mogą wykorzystać tę lukę, aby spowodować awarię lub ujawnienie ograniczonych danych z sąsiedniej pamięci.
W MbedTLS w wersjach od 3.3.0 do 3.6.4, funkcja mbedtls_lms_verify może akceptować nieprawidłowe podpisy, jeśli obliczenie hasha nie powiedzie się, a wewnętrzne błędy nie są sprawdzane. To umożliwia fałszowanie podpisów LMS w scenariuszach z błędami sprzętowymi.
A race condition in the Linux kernel between NFSD registration and /proc/fs/nfsd operations causes a NULL pointer dereference and kernel OOPS. Concurrent execution of exportfs -r and mount/umount of /proc/fs/nfsd triggers the bug in both older (5.4) and latest (6.14) kernels.
In the Linux kernel, a vulnerability was found where a careless NAT46 BPF program can cause a NULL pointer dereference and kernel crash. The issue occurs when the dst structure is not cleared after changing the skb protocol from IPv4 to IPv6, leaving stale IPv4 routing data.
A double-free vulnerability was found in the key export functionality of libssh. During error handling, a memory structure is freed but not cleared, potentially leading to a double free if another failure occurs. This could cause heap corruption or application instability in low-memory scenarios.
A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values, the function may mistakenly return a success status even when key derivation fails.
In the Linux kernel, a vulnerability was found in the netfilter module during lookup table allocation in the pipapo set. Missing overflow checks in multiplication can lead to integer overflow, potentially allowing privilege escalation or system crash.
In the Linux kernel, a vulnerability was found in the stmmac driver where the ptp_rate value is not validated before being used in EST configuration. If ptp_rate is 0, a division by zero occurs, potentially causing a system crash.
W jądrze systemu Linux zidentyfikowano podatność w kodzie USB-audio MIDI, która może prowadzić do nieprawidłowego działania timera podczas usuwania sterownika. W rzadkich przypadkach sterownik może zostać zwolniony bez wywołania funkcji odłączającej, co skutkuje ostrzeżeniem jądra w trybie debugowania.

