Total
2742 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-15721 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a separate, but similar, issue relative to CVE-2017-9468. | |||||
CVE-2017-10965 | 1 Irssi | 1 Irssi | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer. | |||||
CVE-2017-14641 | 1 Bento4 | 1 Bento4 | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
A NULL pointer dereference was discovered in the AP4_DataAtom class in MetaData/Ap4MetaData.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service. | |||||
CVE-2017-14504 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure the correct number of colors for the XV 332 format, leading to a NULL Pointer Dereference. | |||||
CVE-2017-14974 | 1 Gnu | 1 Binutils | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. | |||||
CVE-2017-12476 | 1 Bento4 | 1 Bento4 | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The AP4_AvccAtom::InspectFields function in Core/Ap4AvccAtom.cpp in Bento4 mp4dump before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file. | |||||
CVE-2017-17439 | 2 Debian, Heimdal Project | 2 Debian Linux, Heimdal | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c. | |||||
CVE-2017-15274 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192. | |||||
CVE-2014-9949 | 1 Google | 1 Android | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
In TrustZone in all Android releases from CAF using the Linux kernel, an Untrusted Pointer Dereference vulnerability could potentially exist. | |||||
CVE-2016-9623 | 1 Tats | 1 W3m | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | |||||
CVE-2017-6841 | 1 Podofo Project | 1 Podofo | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | |||||
CVE-2016-7609 | 1 Apple | 1 Mac Os X | 2024-02-28 | 4.9 MEDIUM | 6.2 MEDIUM |
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "AppleGraphicsPowerManagement" component. It allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. | |||||
CVE-2015-8750 | 1 Libdwarf Project | 1 Libdwarf | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
libdwarf 20151114 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a debug_abbrev section marked NOBITS in an ELF file. | |||||
CVE-2017-4916 | 2 Microsoft, Vmware | 3 Windows, Workstation Player, Workstation Pro | 2024-02-28 | 6.8 MEDIUM | 6.5 MEDIUM |
VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. Successful exploitation of this issue may allow host users with normal user privileges to trigger a denial-of-service in a Windows host machine. | |||||
CVE-2017-7994 | 1 Podofo Project | 1 Podofo | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | |||||
CVE-2016-9438 | 1 Tats | 1 W3m | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | |||||
CVE-2016-7053 | 1 Openssl | 1 Openssl | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL pointer dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type in OpenSSL 1.1.0 which can result in a NULL value being passed to the structure callback if an attempt is made to free certain invalid encodings. Only CHOICE structures using a callback which do not handle NULL value are affected. | |||||
CVE-2017-5951 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. | |||||
CVE-2016-3616 | 4 Canonical, Debian, Libjpeg-turbo and 1 more | 4 Ubuntu Linux, Debian Linux, Libjpeg-turbo and 1 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file. | |||||
CVE-2017-6842 | 1 Podofo Project | 1 Podofo | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. |