Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-23915 | 1 Opennetworking | 1 Libfluid Msg | 2026-06-17 | N/A | 5.3 MEDIUM |
| Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::of13::InstructionSet::unpack. This issue affects libfluid: 0.1.0. | |||||
| CVE-2024-23085 | 1 Mikkotommila | 1 Apfloat | 2026-06-17 | N/A | 7.5 HIGH |
| Apfloat v1.10.1 was discovered to contain a NullPointerException via the component org.apfloat.internal.DoubleScramble::scramble(double[], int, int[]). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification. | |||||
| CVE-2022-41957 | 2 Hummus Project, Muhammara Project | 2 Hummus, Muhammara | 2026-06-17 | N/A | 7.5 HIGH |
| Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service (DoS) when supplied with a maliciously crafted PDF file to be parsed. The issue has been patched in muhammara version 3.4.0 and the fix has been backported to version 2.6.2. As a workaround, do not process files from untrusted sources. If using hummus, replace the package with muhammara. | |||||
| CVE-2026-24160 | 1 Nvidia | 1 Tensorrt Llm | 2026-05-21 | N/A | 5.5 MEDIUM |
| NVIDIA TRT-LLM for any platform contains a vulnerability where an attacker could cause an unchecked return value to a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service. | |||||
| CVE-2026-44638 | 1 Saitoha | 1 Libsixel | 2026-05-15 | N/A | 2.5 LOW |
| libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a wrong NULL check after an allocation call in sixel_decode_raw and sixel_decode causes a NULL pointer dereference whenever the allocation fails. The check tests the address of the output parameter (always non-NULL) instead of the value the malloc returned. On allocation failure, the function continues and writes through a NULL pointer, crashing the process. This is a denial of service against any caller of these public APIs that hits a low-memory condition. This vulnerability is fixed in 1.8.7-r2. | |||||