Vulnerabilities (CVE)

Filtered by CWE-476
Total 2970 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-4900 1 Vmware 2 Workstation Player, Workstation Pro 2024-02-28 2.1 LOW 5.5 MEDIUM
VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.
CVE-2017-14940 1 Gnu 1 Binutils 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file.
CVE-2017-12923 1 Libfpx Project 1 Libfpx 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
OLEStream::WriteVT_LPSTR in olestrm.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image.
CVE-2017-14624 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-02-28 7.5 HIGH 9.8 CRITICAL
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.
CVE-2017-12153 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2024-02-28 4.9 MEDIUM 4.4 MEDIUM
A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.
CVE-2017-9631 1 Schneider-electric 1 Wonderware Archestra Logger 2024-02-28 5.0 MEDIUM 7.5 HIGH
A Null Pointer Dereference issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The null pointer dereference vulnerability could allow an attacker to crash the logger process, causing a denial of service for logging and log-viewing (applications that use the Wonderware ArchestrA Logger continue to run when the Wonderware ArchestrA Logger service is unavailable).
CVE-2017-0686 1 Google 1 Android 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34231231.
CVE-2017-17701 1 K7computing 1 Antivirus 2024-02-28 7.5 HIGH 9.8 CRITICAL
K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025c8 DeviceIoControl request.
CVE-2017-16948 1 Tgsoft 1 Vir.it Explorer 2024-02-28 4.6 MEDIUM 7.8 HIGH
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730008 DeviceIoControl request to \\.\Viragtlt.
CVE-2017-11733 2 Debian, Libming 2 Debian Linux, Ming 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
A null pointer dereference vulnerability was found in the function stackswap (called from decompileSTACKSWAP) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-12475 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
The AP4_Processor::Process function in Core/Ap4Processor.cpp in Bento4 mp4encrypt before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.
CVE-2017-9503 2 Debian, Qemu 2 Debian Linux, Qemu 2024-02-28 1.9 LOW 5.5 MEDIUM
QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing.
CVE-2015-2297 1 Libcsoap Project 1 Libcsoap 2024-02-28 5.0 MEDIUM 7.5 HIGH
nanohttp in libcsoap allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Authorization header.
CVE-2017-14975 2 Debian, Freedesktop 2 Debian Linux, Poppler 2024-02-28 5.0 MEDIUM 7.5 HIGH
The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an attacker to launch a denial of service attack.
CVE-2015-0928 1 Oisf 1 Libhtp 2024-02-28 5.0 MEDIUM 7.5 HIGH
libhtp 0.5.15 allows remote attackers to cause a denial of service (NULL pointer dereference).
CVE-2017-11113 1 Gnu 1 Ncurses 2024-02-28 5.0 MEDIUM 7.5 HIGH
In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.
CVE-2015-9100 1 Lame Project 1 Lame 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.
CVE-2017-15267 1 Gnu 1 Libextractor 2024-02-28 5.0 MEDIUM 7.5 HIGH
In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c.
CVE-2016-10344 1 Google 1 Android 2024-02-28 10.0 HIGH 9.8 CRITICAL
In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in LTE.
CVE-2017-6257 5 Freebsd, Linux, Microsoft and 2 more 5 Freebsd, Kernel, Windows and 2 more 2024-02-28 7.2 HIGH 8.8 HIGH
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges