Total
2742 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-3169 | 1 Apache | 1 Http Server | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port. | |||||
| CVE-2017-17113 | 1 Ikarussecurity | 1 Anti.virus | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
| ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a NULL pointer dereference via a 0x830000c4 DeviceIoControl request. | |||||
| CVE-2017-11750 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and 7.0.6-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | |||||
| CVE-2017-16883 | 1 Libming | 1 Libming | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| The outputSWF_TEXT_RECORD function in util/outputscript.c in libming <= 0.4.8 is vulnerable to a NULL pointer dereference, which may allow attackers to cause a denial of service via a crafted swf file. | |||||
| CVE-2017-17699 | 1 K7computing | 1 Antivirus | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025ac DeviceIoControl request. | |||||
| CVE-2017-4938 | 1 Vmware | 2 Fusion, Workstation | 2024-02-28 | 2.1 LOW | 6.5 MEDIUM |
| VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a guest RPC NULL pointer dereference vulnerability. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs. | |||||
| CVE-2017-15023 | 1 Gnu | 1 Binutils | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not properly validate the format count, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. | |||||
| CVE-2017-15232 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file. | |||||
| CVE-2017-11100 | 1 Swftools | 1 Swftools | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead to a NULL Pointer Dereference in the swf_FoldSprite() function in lib/rxfswf.c. | |||||
| CVE-2017-1000050 | 4 Canonical, Fedoraproject, Jasper Project and 1 more | 6 Ubuntu Linux, Fedora, Jasper and 3 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service. | |||||
| CVE-2017-9988 | 2 Debian, Libming | 2 Debian Linux, Libming | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack against parser.c. | |||||
| CVE-2017-10917 | 1 Xen | 1 Xen | 2024-02-28 | 9.4 HIGH | 9.1 CRITICAL |
| Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221. | |||||
| CVE-2017-17050 | 1 Tgsoft | 1 Vir.it Explorer | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
| TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730020 DeviceIoControl request to \\.\Viragtlt. | |||||
| CVE-2018-5710 | 1 Mit | 1 Kerberos | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client. | |||||
| CVE-2018-5308 | 1 Podofo Project | 1 Podofo | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file. | |||||
| CVE-2017-17505 | 1 Hdfgroup | 1 Hdf5 | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file. | |||||
| CVE-2015-8592 | 1 Google | 1 Android | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not validated prior to being dereferenced potentially resulting in Guest-OS memory corruption. | |||||
| CVE-2015-7549 | 1 Qemu | 1 Qemu | 2024-02-28 | 2.1 LOW | 6.0 MEDIUM |
| The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method. | |||||
| CVE-2017-14625 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c. | |||||
| CVE-2017-9229 | 3 Oniguruma Project, Php, Ruby-lang | 3 Oniguruma, Php, Ruby | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_range() could result in an invalid pointer dereference, normally as an immediate denial-of-service condition. | |||||