Total
2760 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-10449 | 1 Qualcomm | 48 Mdm9206, Mdm9206 Firmware, Mdm9607 and 45 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, and SD 835, in a GNSS API function, a NULL pointer dereference can occur. | |||||
CVE-2015-9149 | 1 Qualcomm | 52 Mdm9206, Mdm9206 Firmware, Mdm9650 and 49 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a DIAG ioctl handler, an untrusted pointer dereference can occur. | |||||
CVE-2018-6951 | 2 Canonical, Gnu | 2 Ubuntu Linux, Patch | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue. | |||||
CVE-2018-9240 | 3 Canonical, Debian, Ncmpc Project | 3 Ubuntu Linux, Debian Linux, Ncmpc | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
ncmpc through 0.29 is prone to a NULL pointer dereference flaw. If a user uses the chat screen and another client sends a long chat message, a crash and denial of service could occur. | |||||
CVE-2017-12627 | 1 Apache | 1 Xerces-c\+\+ | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
In Apache Xerces-C XML Parser library before 3.2.1, processing of external DTD paths can result in a null pointer dereference under certain conditions. | |||||
CVE-2018-10323 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image. | |||||
CVE-2017-17770 | 1 Google | 1 Android | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in a power driver ioctl handler, an Untrusted Pointer Dereference may potentially occur. | |||||
CVE-2018-10322 | 2 Linux, Redhat | 5 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux Server and 2 more | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image. | |||||
CVE-2018-12928 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem. | |||||
CVE-2018-11256 | 1 Podofo Project | 1 Podofo | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in PoDoFo 0.9.5. The function PdfDocument::Append() in PdfDocument.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | |||||
CVE-2017-5727 | 1 Intel | 1 Graphics Driver | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Pointer dereference in subsystem in Intel Graphics Driver 15.40.x.x, 15.45.x.x, 15.46.x.x allows unprivileged user to elevate privileges via local access. | |||||
CVE-2018-6247 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-02-28 | 7.2 HIGH | 8.8 HIGH |
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference may lead to denial of service or possible escalation of privileges. | |||||
CVE-2018-7998 | 2 Debian, Libvips | 2 Debian Linux, Libvips | 2024-02-28 | 5.1 MEDIUM | 7.5 HIGH |
In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. This occurs because of a race condition involving a failed delayed load and other worker threads. | |||||
CVE-2018-1066 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-02-28 | 7.1 HIGH | 6.5 MEDIUM |
The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery. | |||||
CVE-2018-11356 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record. | |||||
CVE-2017-5416 | 1 Mozilla | 2 Firefox, Thunderbird | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In certain circumstances a networking event listener can be prematurely released. This appears to result in a null dereference in practice. This vulnerability affects Firefox < 52 and Thunderbird < 52. | |||||
CVE-2018-7525 | 1 Omron | 1 Cx-supervisor | 2024-02-28 | 4.6 MEDIUM | 5.3 MEDIUM |
In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed packet by a certain executable may cause an untrusted pointer dereference vulnerability. | |||||
CVE-2018-7872 | 2 Debian, Libming | 2 Debian Linux, Libming | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
An invalid memory address dereference was discovered in the function getName in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | |||||
CVE-2018-13303 | 1 Ffmpeg | 1 Ffmpeg | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
In FFmpeg 4.0.1, a missing check for failure of a call to init_get_bits8() in the avpriv_ac3_parse_header function in libavcodec/ac3_parser.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service. | |||||
CVE-2018-1130 | 4 Canonical, Debian, Linux and 1 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls. |