Vulnerabilities (CVE)

Filtered by CWE-476
Total 3017 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-12474 1 Bento4 1 Bento4 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
The AP4_AtomSampleTable::GetSample function in Core/Ap4AtomSampleTable.cpp in Bento4 mp42ts before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.
CVE-2017-14181 1 Aacplusenc Project 1 Aacplusenc 2024-02-28 6.8 MEDIUM 7.8 HIGH
DeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc 0.17.5 allows remote attackers to cause a denial of service (invalid memory write, SEGV on unknown address 0x000000000030, and application crash) or possibly have unspecified other impact via a crafted .wav file, aka a NULL pointer dereference.
CVE-2017-11522 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-13764 1 Wireshark 1 Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0, the Modbus dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/packet-mbtcp.c by adding length validation.
CVE-2017-1000460 3 Ffmpeg, Google, Libav 3 Ffmpeg, Chrome, Libav 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.
CVE-2017-12922 1 Libfpx Project 1 Libfpx 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
wchar.c in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image.
CVE-2017-9608 1 Ffmpeg 1 Ffmpeg 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted mov file.
CVE-2017-17123 1 Gnu 1 Binutils 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
The coff_slurp_reloc_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted COFF based file.
CVE-2017-9347 1 Wireshark 1 Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID.
CVE-2017-15306 1 Linux 1 Linux Kernel 2024-02-28 4.9 MEDIUM 5.5 MEDIUM
The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl call to /dev/kvm.
CVE-2017-12719 1 Advantech 1 Webaccess 2024-02-28 5.0 MEDIUM 7.5 HIGH
An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A remote attacker is able to execute code to dereference a pointer within the program causing the application to become unavailable.
CVE-2017-11590 1 Gnome 1 Libgxps 2024-02-28 4.3 MEDIUM 7.5 HIGH
There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack.
CVE-2017-9470 1 Ytnef Project 1 Ytnef 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
CVE-2017-15721 2 Debian, Irssi 2 Debian Linux, Irssi 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a separate, but similar, issue relative to CVE-2017-9468.
CVE-2017-10965 1 Irssi 1 Irssi 2024-02-28 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer.
CVE-2017-14641 1 Bento4 1 Bento4 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
A NULL pointer dereference was discovered in the AP4_DataAtom class in MetaData/Ap4MetaData.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service.
CVE-2017-14504 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure the correct number of colors for the XV 332 format, leading to a NULL Pointer Dereference.
CVE-2017-14974 1 Gnu 1 Binutils 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c.
CVE-2017-12476 1 Bento4 1 Bento4 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
The AP4_AvccAtom::InspectFields function in Core/Ap4AvccAtom.cpp in Bento4 mp4dump before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.
CVE-2017-17439 2 Debian, Heimdal Project 2 Debian Linux, Heimdal 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c.