Vulnerabilities (CVE)

Filtered by CWE-476
Total 3017 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-4343 3 Canonical, Debian, Openssl 3 Ubuntu Linux, Debian Linux, Openssl 2024-02-28 4.3 MEDIUM N/A
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.
CVE-2007-1327 1 Silc 1 Silc-server 2024-02-28 7.8 HIGH N/A
The SILC_SERVER_CMD_FUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a request without a cipher algorithm and an invalid HMAC algorithm.
CVE-2006-6565 1 Filezilla-project 1 Filezilla Server 2024-02-28 4.0 MEDIUM N/A
FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a wildcard argument to the (1) LIST or (2) NLST commands, which results in a NULL pointer dereference, a different set of vectors than CVE-2006-6564. NOTE: CVE analysis suggests that the problem might be due to a malformed PORT command.
CVE-2005-2459 2 Debian, Linux 2 Debian Linux, Linux Kernel 2024-02-28 5.0 MEDIUM N/A
The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458.
CVE-2006-2661 3 Canonical, Debian, Freetype 3 Ubuntu Linux, Debian Linux, Freetype 2024-02-28 5.0 MEDIUM N/A
ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference.
CVE-2005-0772 1 Veritas 1 Backup Exec 2024-02-28 5.0 MEDIUM 7.5 HIGH
VERITAS Backup Exec 9.0 through 10.0 for Windows Servers, and 9.0.4019 through 9.1.307 for Netware, allows remote attackers to cause a denial of service (Remote Agent crash) via (1) a crafted packet in NDMLSRVR.DLL or (2) a request packet with an invalid (non-0) "Error Status" value, which triggers a null dereference.
CVE-2005-3274 2 Debian, Linux 2 Debian Linux, Linux Kernel 2024-02-28 1.2 LOW 4.7 MEDIUM
Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired.
CVE-2004-0079 23 4d, Apple, Avaya and 20 more 66 Webstar, Mac Os X, Mac Os X Server and 63 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
CVE-2003-1000 1 Xchat 1 Xchat 2024-02-28 5.0 MEDIUM 7.5 HIGH
xchat 2.0.6 allows remote attackers to cause a denial of service (crash) via a passive DCC request with an invalid ID number, which causes a null dereference.
CVE-2004-0365 1 Ethereal 1 Ethereal 2024-02-28 5.0 MEDIUM 7.5 HIGH
The dissect_attribute_value_pairs function in packet-radius.c for Ethereal 0.8.13 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a malformed RADIUS packet that triggers a null dereference.
CVE-2001-1559 1 Openbsd 1 Openbsd 2024-02-28 2.1 LOW 5.5 MEDIUM
The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.
CVE-2004-0119 1 Microsoft 3 Windows 2000, Windows Server 2003, Windows Xp 2024-02-28 7.5 HIGH 7.5 HIGH
The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenInit request during authentication protocol selection.
CVE-2004-0458 2 Debian, Nicolas Boullis 2 Debian Linux, Mah-jong 2024-02-28 5.0 MEDIUM 7.5 HIGH
mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference.
CVE-2004-0389 1 Realnetworks 1 Helix Universal Server 2024-02-28 7.8 HIGH 7.5 HIGH
RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote attackers to cause a denial of service (crash) via malformed requests that trigger a null dereference, as demonstrated using (1) GET_PARAMETER or (2) DESCRIBE requests.
CVE-2002-0401 2 Debian, Ethereal 2 Debian Linux, Ethereal 2024-02-28 7.5 HIGH 7.5 HIGH
SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer.
CVE-2002-1912 1 Skystream 1 Emr5000 2024-02-28 5.0 MEDIUM 7.5 HIGH
SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable the Ethernet interface when the buffers are full, which allows remote attackers to cause a denial of service (null pointer exception and kernel panic) via a large number of packets.
CVE-2003-1013 1 Ethereal 1 Ethereal 2024-02-28 5.0 MEDIUM 7.5 HIGH
The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.