Vulnerabilities (CVE)

Filtered by CWE-476
Total 2991 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-3070 2 Debian, Linux 2 Debian Linux, Linux Kernel 2024-02-28 4.6 MEDIUM 7.8 HIGH
The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by triggering a certain page move.
CVE-2016-9114 1 Uclouvain 1 Openjpeg 2024-02-28 5.0 MEDIUM 7.5 HIGH
There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
CVE-2015-8551 4 Debian, Linux, Opensuse and 1 more 8 Debian Linux, Linux Kernel, Opensuse and 5 more 2024-02-28 4.7 MEDIUM 6.0 MEDIUM
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks."
CVE-2016-4649 1 Apple 1 Mac Os X 2024-02-28 2.1 LOW 5.5 MEDIUM
Audio in Apple OS X before 10.11.6 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.
CVE-2016-9116 1 Uclouvain 1 Openjpeg 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
CVE-2015-8922 4 Canonical, Libarchive, Novell and 1 more 6 Ubuntu Linux, Libarchive, Suse Linux Enterprise Desktop and 3 more 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct.
CVE-2016-6504 1 Wireshark 1 Wireshark 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wireshark 1.12.x before 1.12.13 does not properly maintain a ptvc data structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
CVE-2013-4118 2 Freerdp, Opensuse 3 Freerdp, Leap, Opensuse 2024-02-28 5.0 MEDIUM 7.5 HIGH
FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.
CVE-2015-8956 2 Google, Linux 2 Android, Linux Kernel 2024-02-28 3.6 LOW 6.1 MEDIUM
The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.
CVE-2016-1811 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
ImageIO in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.
CVE-2015-0573 1 Linux 1 Linux Kernel 2024-02-28 7.5 HIGH 9.8 CRITICAL
drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via a crafted application that makes a TSC_GET_CARD_STATUS ioctl call.
CVE-2014-3470 6 Fedoraproject, Mariadb, Openssl and 3 more 11 Fedora, Mariadb, Openssl and 8 more 2024-02-28 4.3 MEDIUM N/A
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.
CVE-2014-4344 3 Debian, Mit, Redhat 6 Debian Linux, Kerberos 5, Enterprise Linux Desktop and 3 more 2024-02-28 7.8 HIGH N/A
The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation.
CVE-2014-0190 4 Canonical, Fedoraproject, Opensuse and 1 more 4 Ubuntu Linux, Fedora, Opensuse and 1 more 2024-02-28 4.3 MEDIUM N/A
The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.
CVE-2014-7826 3 Linux, Opensuse, Suse 3 Linux Kernel, Evergreen, Suse Linux Enterprise Server 2024-02-28 7.2 HIGH 7.8 HIGH
kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application.
CVE-2014-9323 4 Canonical, Debian, Firebirdsql and 1 more 4 Ubuntu Linux, Debian Linux, Firebird and 1 more 2024-02-28 5.0 MEDIUM N/A
The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status.
CVE-2014-2678 3 Fedoraproject, Linux, Oracle 3 Fedora, Linux Kernel, Linux 2024-02-28 4.7 MEDIUM N/A
The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports.
CVE-2013-7339 1 Linux 1 Linux Kernel 2024-02-28 4.7 MEDIUM N/A
The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel before 3.12.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports.
CVE-2014-9708 3 Embedthis, Juniper, Oracle 134 Appweb, Ex2200, Ex2200-c and 131 more 2024-02-28 5.0 MEDIUM N/A
Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range: x=,".
CVE-2014-5077 4 Canonical, Linux, Redhat and 1 more 8 Ubuntu Linux, Linux Kernel, Enterprise Linux Eus and 5 more 2024-02-28 7.1 HIGH N/A
The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction.