Total
2742 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-15286 | 1 Sqlite | 1 Sqlite | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized. | |||||
CVE-2017-14149 | 1 Embedthis | 1 Goahead | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
GoAhead 3.4.0 through 3.6.5 has a NULL Pointer Dereference in the websDecodeUrl function in http.c, leading to a crash for a "POST / HTTP/1.1" request. | |||||
CVE-2017-14406 | 1 Mp3gain | 1 Mp3gain | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
A NULL pointer dereference was discovered in sync_buffer in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service. | |||||
CVE-2017-16647 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.2 HIGH | 6.6 MEDIUM |
drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device. | |||||
CVE-2017-7659 | 1 Apache | 1 Http Server | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A maliciously constructed HTTP/2 request could cause mod_http2 in Apache HTTP Server 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process. | |||||
CVE-2017-17129 | 1 Libav | 1 Libav | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file. | |||||
CVE-2015-9043 | 1 Google | 1 Android | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced upon the expiry of a timer. | |||||
CVE-2017-14505 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input. | |||||
CVE-2017-8536 | 1 Microsoft | 13 Endpoint Protection, Exchange Server, Forefront Endpoint Protection and 10 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8537, CVE-2017-8539, and CVE-2017-8542. | |||||
CVE-2017-12952 | 1 Libgig0 | 1 Libgig | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
The LoadString function in helper.h in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file. | |||||
CVE-2017-15526 | 1 Symantec | 1 Endpoint Encryption | 2024-02-28 | 5.2 MEDIUM | 6.8 MEDIUM |
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue, which can result in a NullPointerException that can lead to a privilege escalation scenario. | |||||
CVE-2017-14638 | 1 Bento4 | 1 Bento4 | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp in Bento4 version 1.5.0-617 has missing NULL checks, leading to a NULL pointer dereference, segmentation fault, and application crash in AP4_Atom::SetType in Core/Ap4Atom.h. | |||||
CVE-2017-14228 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function paste_tokens() in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service. | |||||
CVE-2017-1000445 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service | |||||
CVE-2017-11125 | 1 Xar Project | 1 Xar | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c. | |||||
CVE-2017-13065 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c. | |||||
CVE-2017-12192 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of service (OOPS and system crash) via a crafted KEYCTL_READ operation. | |||||
CVE-2017-6252 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler where a NULL pointer dereference may lead to a denial of service or potential escalation of privileges. | |||||
CVE-2017-15019 | 1 Lame Project | 1 Lame | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
LAME 3.99.5 has a NULL Pointer Dereference in the hip_decode_init function within libmp3lame/mpglib_interface.c via a malformed mpg file, because of an incorrect calloc call. | |||||
CVE-2017-14640 | 1 Bento4 | 1 Bento4 | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
A NULL pointer dereference was discovered in AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service. |