Total
2760 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-8380 | 1 Axiosys | 1 Bento4 | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in AP4_Track::GetSampleIndexForTimeStampMs() located in Core/Ap4Track.cpp. It can triggered by sending a crafted file to the mp4audioclip binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
| CVE-2018-14609 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-02-28 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to removing reloc rb_trees when reloc control has not been initialized. | |||||
| CVE-2018-15861 | 2 Canonical, Xkbcommon | 3 Ubuntu Linux, Libxkbcommon, Xkbcommon | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
| Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure. | |||||
| CVE-2019-8379 | 4 Advancemame, Debian, Fedoraproject and 1 more | 6 Advancecomp, Debian Linux, Fedora and 3 more | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function be_uint32_read() located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact when a victim opens a specially crafted file. | |||||
| CVE-2018-18937 | 1 Mz-automation | 1 Libiec61850 | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c. | |||||
| CVE-2018-18873 | 4 Canonical, Debian, Jasper Project and 1 more | 5 Ubuntu Linux, Debian Linux, Jasper and 2 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c. | |||||
| CVE-2018-19209 | 1 Nasm | 1 Netwide Assembler | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the function find_label in asm/labels.c that will lead to a DoS attack. | |||||
| CVE-2018-17282 | 1 Exiv2 | 1 Exiv2 | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference. | |||||
| CVE-2018-14543 | 1 Axiosys | 1 Bento4 | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| There exists one NULL pointer dereference vulnerability in AP4_JsonInspector::AddField in Ap4Atom.cpp in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp4dump. | |||||
| CVE-2018-17893 | 1 Lcds | 1 Laquis Scada | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| LAquis SCADA Versions 4.1.0.3870 and prior has an untrusted pointer dereference vulnerability, which may allow remote code execution. | |||||
| CVE-2019-5007 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-02-28 | 5.8 MEDIUM | 7.1 HIGH |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is an Out-of-Bounds Read Information Disclosure and crash due to a NULL pointer dereference when reading TIFF data during TIFF parsing. | |||||
| CVE-2019-7233 | 1 Libdoc Project | 1 Libdoc | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer dereference. | |||||
| CVE-2018-14737 | 1 Pbc Project | 1 Pbc | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A NULL pointer dereference can occur in pbc_wmessage_string in wmessage.c. | |||||
| CVE-2018-16851 | 3 Canonical, Debian, Samba | 3 Ubuntu Linux, Debian Linux, Samba | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB. When this size is reached, the Samba process providing the LDAP service will follow the NULL pointer, terminating the process. There is no further vulnerability associated with this issue, merely a denial of service. | |||||
| CVE-2018-20195 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| A NULL pointer dereference was discovered in ic_predict of libfaad/ic_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | |||||
| CVE-2019-7151 | 1 Webassembly | 1 Binaryen | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| A NULL pointer dereference was discovered in wasm::Module::getFunctionOrNull in wasm/wasm.cpp in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt. | |||||
| CVE-2019-8377 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
| CVE-2018-14612 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfs_read_block_groups in fs/btrfs/extent-tree.c, and a lack of empty-tree checks in check_leaf in fs/btrfs/tree-checker.c. | |||||
| CVE-2018-20357 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| A NULL pointer dereference was discovered in sbr_process_channel of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash. | |||||
| CVE-2019-9208 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. This was addressed in epan/dissectors/asn1/tcap/tcap.cnf by avoiding NULL pointer dereferences. | |||||