Total
2760 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-12697 | 2 Canonical, Gnu | 2 Ubuntu Linux, Binutils | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump. | |||||
| CVE-2016-10489 | 1 Qualcomm | 2 Sd 400, Sd 400 Firmware | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, lack of address argument validation in qsee_get_tz_app_name() may lead to an untrusted pointer dereference. | |||||
| CVE-2018-11591 | 1 Espruino | 1 Espruino | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via a NULL pointer dereference during syntax parsing. This was addressed by adding validation for a debug trace print statement in jsvar.c. | |||||
| CVE-2017-17133 | 1 Huawei | 2 Vp9660, Vp9660 Firmware | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
| Huawei VP9660 V500R002C10 has a null pointer reference vulnerability in license module due to insufficient verification. An authenticated local attacker could place a malicious license file into system which cause memory null pointer accessing and related processing crash. The attacker can exploit this vulnerability to cause a denial of service. | |||||
| CVE-2018-8740 | 2 Debian, Sqlite | 2 Debian Linux, Sqlite | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c. | |||||
| CVE-2018-1094 | 3 Canonical, Linux, Redhat | 5 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 2 more | 2024-02-28 | 7.1 HIGH | 5.5 MEDIUM |
| The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image. | |||||
| CVE-2018-3841 | 1 Pixar | 1 Renderman | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6 (0x69). The vulnerability is present in the parsing of a network packet without proper validation of the packet. The data read-in is not validated, and its use can lead to a null pointer dereference. The IT application is opened by a user and then listens for a connection on port 4001. An attacker can deliver an attack once the application has been opened. | |||||
| CVE-2018-6249 | 5 Freebsd, Linux, Microsoft and 2 more | 5 Freebsd, Linux Kernel, Windows and 2 more | 2024-02-28 | 7.2 HIGH | 8.8 HIGH |
| NVIDIA GPU Display Driver contains a vulnerability in kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges. | |||||
| CVE-2018-12102 | 1 Md4c Project | 1 Md4c | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| md4c 0.2.6 has a NULL pointer dereference in the function md_process_line in md4c.c, related to ctx->current_block. | |||||
| CVE-2018-11696 | 1 Sass-lang | 1 Libsass | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. | |||||
| CVE-2018-7548 | 2 Canonical, Zsh | 2 Ubuntu Linux, Zsh | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using ${(PA)...} on an empty array result. | |||||
| CVE-2017-14435 | 1 Moxa | 2 Edr-810, Edr-810 Firmware | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA\_CFG.ini" without a cookie header to trigger this vulnerability. | |||||
| CVE-2018-13440 | 2 Audio File Library Project, Canonical | 2 Audio File Library, Ubuntu Linux | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert. | |||||
| CVE-2018-10768 | 4 Canonical, Debian, Freedesktop and 1 more | 7 Ubuntu Linux, Debian Linux, Poppler and 4 more | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected. | |||||
| CVE-2017-12472 | 1 Ccn-lite | 1 Ccn-lite | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| ccnl-ext-mgmt.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging missing NULL pointer checks after ccnl_malloc. | |||||
| CVE-2018-6963 | 1 Vmware | 2 Fusion, Workstation | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
| VMware Workstation (14.x before 14.1.2) and Fusion (10.x before 10.1.2) contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler. Successful exploitation of these issues may allow an attacker with limited privileges on the guest machine trigger a denial-of-Service of their guest machine. | |||||
| CVE-2018-6319 | 1 Sophos | 1 Sophos Tester | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| In Sophos Tester Tool 3.2.0.7 Beta, the driver accepts a special DeviceIoControl code that doesn't check its argument. This argument is a memory address: if a caller passes a NULL pointer or a random invalid address, the driver will cause a Blue Screen of Death. If a program or malware does this at boot time, it can cause a persistent denial of service on the machine. | |||||
| CVE-2018-1065 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.7 MEDIUM | 4.7 MEDIUM |
| The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c. | |||||
| CVE-2018-12247 | 1 Mruby | 1 Mruby | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class, related to certain .clone usage, because mrb_obj_clone in kernel.c copies flags other than the MRB_FLAG_IS_FROZEN flag (e.g., the embedded flag). | |||||
| CVE-2018-7866 | 2 Debian, Libming | 2 Debian Linux, Libming | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| A NULL pointer dereference was discovered in newVar3 in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | |||||