Vulnerabilities (CVE)

Filtered by CWE-476
Total 3038 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-11637 1 Graphicsmagick 1 Graphicsmagick 2024-11-21 7.5 HIGH 9.8 CRITICAL
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images.
CVE-2017-11590 1 Gnome 1 Libgxps 2024-11-21 4.3 MEDIUM 7.5 HIGH
There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack.
CVE-2017-11550 1 Libid3tag Project 1 Libid3tag 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (NULL Pointer Dereference and application crash) via a crafted mp3 file.
CVE-2017-11522 1 Imagemagick 1 Imagemagick 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-11333 1 Xiph.org 1 Libvorbis 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (OOM) via a crafted wav file.
CVE-2017-11189 1 Rarzilla 1 Unrar-free 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash), which could be relevant if unrarlib is used as library code for a long-running application. NOTE: one of the several test cases in the references may be the same as what was separately reported as CVE-2017-14121.
CVE-2017-11185 1 Strongswan 1 Strongswan 2024-11-21 5.0 MEDIUM 7.5 HIGH
The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.
CVE-2017-11125 1 Xar Project 1 Xar 2024-11-21 7.5 HIGH 9.8 CRITICAL
libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c.
CVE-2017-11124 1 Xar Project 1 Xar 2024-11-21 7.5 HIGH 9.8 CRITICAL
libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c.
CVE-2017-11113 1 Gnu 1 Ncurses 2024-11-21 5.0 MEDIUM 7.5 HIGH
In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.
CVE-2017-11101 1 Swftools 1 Swftools 2024-11-21 6.8 MEDIUM 8.8 HIGH
When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_Relocate() function in lib/modules/swftools.c.
CVE-2017-11100 1 Swftools 1 Swftools 2024-11-21 6.8 MEDIUM 8.8 HIGH
When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead to a NULL Pointer Dereference in the swf_FoldSprite() function in lib/rxfswf.c.
CVE-2017-11097 1 Swftools 1 Swftools 2024-11-21 6.8 MEDIUM 8.8 HIGH
When SWFTools 0.9.2 processes a crafted file in swfc, it can lead to a NULL Pointer Dereference in the dict_lookup() function in lib/q.c.
CVE-2017-11096 1 Swftools 1 Swftools 2024-11-21 6.8 MEDIUM 8.8 HIGH
When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_DeleteFilter() function in lib/modules/swffilter.c.
CVE-2017-11063 1 Google 1 Android 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, as a result of a race condition between two userspace processes that interact with the driver concurrently, a null pointer dereference can potentially occur.
CVE-2017-10965 1 Irssi 1 Irssi 2024-11-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer.
CVE-2017-10917 1 Xen 1 Xen 2024-11-21 9.4 HIGH 9.1 CRITICAL
Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
CVE-2017-10792 1 Gnu 1 Pspp 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
There is a NULL Pointer Dereference in the function ll_insert() of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack.
CVE-2017-10790 1 Gnu 1 Libtasn1 2024-11-21 5.0 MEDIUM 7.5 HIGH
The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack.
CVE-2017-1000471 1 Embedthis 1 Goahead 2024-11-21 7.5 HIGH 9.8 CRITICAL
EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL pointer dereference in the CGI handler resulting in memory corruption or denial of service.