Total
2760 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-16517 | 1 Nasm | 1 Netwide Assembler | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file. | |||||
CVE-2018-12799 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Adobe Acrobat and Reader versions 2018.011.20055 and earlier, 2017.011.30096 and earlier, and 2015.006.30434 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
CVE-2018-14613 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.1 HIGH | 5.5 MEDIUM |
An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c. | |||||
CVE-2018-5801 | 4 Canonical, Debian, Libraw and 1 more | 6 Ubuntu Linux, Debian Linux, Libraw and 3 more | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference. | |||||
CVE-2018-14614 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.1 HIGH | 5.5 MEDIUM |
An issue was discovered in the Linux kernel through 4.17.10. There is an out-of-bounds access in __remove_dirty_segment() in fs/f2fs/segment.c when mounting an f2fs image. | |||||
CVE-2018-18227 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values. | |||||
CVE-2017-2635 | 1 Redhat | 1 Libvirt | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could use this flaw to crash libvirtd daemon resulting in denial of service. | |||||
CVE-2018-20426 | 1 Libming | 1 Libming | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
libming 0.4.8 has a NULL pointer dereference in the newVar3 function of the decompile.c file, a different vulnerability than CVE-2018-7866. | |||||
CVE-2018-16328 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c. | |||||
CVE-2018-17000 | 3 Canonical, Debian, Libtiff | 3 Ubuntu Linux, Debian Linux, Libtiff | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp. | |||||
CVE-2018-18318 | 1 Qiku | 2 360 Mobile Phone N6 Pro, 360 Mobile Phone N6 Pro Firmware | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
The /dev/block/mmcblk0rpmb driver kernel module on Qiku 360 Phone N6 Pro 1801-A01 devices allows attackers to cause a denial of service (NULL pointer dereference and device crash) via a crafted 0xc0d8b300 ioctl call. | |||||
CVE-2018-17073 | 1 Bitmap Project | 1 Bitmap | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
wernsey/bitmap before 2018-08-18 allows a NULL pointer dereference via a 4-bit image. | |||||
CVE-2019-8382 | 1 Axiosys | 1 Bento4 | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in the function AP4_List:Find located in Core/Ap4List.h when called from Core/Ap4Movie.cpp. It can be triggered by sending a crafted file to the mp4dump binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
CVE-2018-20786 | 1 Leonerd | 1 Libvterm | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
libvterm through 0+bzr726, as used in Vim and other products, mishandles certain out-of-memory conditions, leading to a denial of service (application crash), related to screen.c, state.c, and vterm.c. | |||||
CVE-2018-18883 | 1 Xen | 1 Xen | 2024-02-28 | 7.2 HIGH | 8.8 HIGH |
An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service (NULL pointer dereference) or possibly have unspecified other impact because nested VT-x is not properly restricted. | |||||
CVE-2019-5006 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is a NULL pointer dereference during PDF parsing. | |||||
CVE-2019-7153 | 1 Webassembly | 1 Binaryen | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
A NULL pointer dereference was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt. | |||||
CVE-2017-18298 | 1 Qualcomm | 52 Mdm9206, Mdm9206 Firmware, Mdm9607 and 49 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Lack of Input Validation in SDMX API can lead to NULL pointer access in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660 . | |||||
CVE-2018-20425 | 1 Libming | 1 Libming | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
libming 0.4.8 has a NULL pointer dereference in the pushdup function of the decompile.c file. | |||||
CVE-2018-15863 | 2 Canonical, Xkbcommon | 3 Ubuntu Linux, Libxkbcommon, Xkbcommon | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression. |