Total
3038 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-15939 | 1 Gnu | 1 Binutils | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. NOTE: this issue is caused by an incomplete fix for CVE-2017-15023. | |||||
| CVE-2017-15930 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer. | |||||
| CVE-2017-15921 | 1 Watchdogdevelopment | 2 Anti-malware, Online Security Pro | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002010. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated. | |||||
| CVE-2017-15920 | 1 Watchdogdevelopment | 2 Anti-malware, Online Security Pro | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002054. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated. | |||||
| CVE-2017-15846 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In the video_ioctl2() function in the camera driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-16, an untrusted pointer dereference may potentially occur. | |||||
| CVE-2017-15833 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, untrusted pointer dereference in update_userspace_power() function in power leads to information exposure. | |||||
| CVE-2017-15723 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message. | |||||
| CVE-2017-15721 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a separate, but similar, issue relative to CVE-2017-9468. | |||||
| CVE-2017-15600 | 1 Gnu | 1 Libextractor | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c. | |||||
| CVE-2017-15565 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document. | |||||
| CVE-2017-15526 | 1 Symantec | 1 Endpoint Encryption | 2024-11-21 | 5.2 MEDIUM | 6.8 MEDIUM |
| Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue, which can result in a NullPointerException that can lead to a privilege escalation scenario. | |||||
| CVE-2017-15306 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl call to /dev/kvm. | |||||
| CVE-2017-15299 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted system call. | |||||
| CVE-2017-15286 | 1 Sqlite | 1 Sqlite | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized. | |||||
| CVE-2017-15274 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192. | |||||
| CVE-2017-15267 | 1 Gnu | 1 Libextractor | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c. | |||||
| CVE-2017-15232 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file. | |||||
| CVE-2017-15120 | 2 Debian, Powerdns | 2 Debian Linux, Recursor | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue has been found in the parsing of authoritative answers in PowerDNS Recursor before 4.0.8, leading to a NULL pointer dereference when parsing a specially crafted answer containing a CNAME of a different class than IN. An unauthenticated remote attacker could cause a denial of service. | |||||
| CVE-2017-15116 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference). | |||||
| CVE-2017-15102 | 3 Canonical, Linux, Redhat | 3 Ubuntu Linux, Linux Kernel, Enterprise Linux | 2024-11-21 | 6.9 MEDIUM | 6.3 MEDIUM |
| The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer dereference. | |||||