Total
2760 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-36138 | 1 Ffmpeg | 1 Ffmpeg | 2024-02-28 | N/A | 7.5 HIGH |
An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS). | |||||
CVE-2020-36024 | 1 Freedesktop | 1 Poppler | 2024-02-28 | N/A | 5.5 MEDIUM |
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function. | |||||
CVE-2023-38670 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-02-28 | N/A | 7.5 HIGH |
Null pointer dereference in paddle.flip in PaddlePaddle before 2.5.0. This resulted in a runtime crash and denial of service. | |||||
CVE-2023-41909 | 3 Debian, Fedoraproject, Frrouting | 3 Debian Linux, Fedora, Frrouting | 2024-02-28 | N/A | 7.5 HIGH |
An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference. | |||||
CVE-2022-48606 | 1 Huawei | 2 Emui, Harmonyos | 2024-02-28 | N/A | 7.5 HIGH |
Stability-related vulnerability in the binder background management and control module. Successful exploitation of this vulnerability may affect availability. | |||||
CVE-2023-39397 | 1 Huawei | 2 Emui, Harmonyos | 2024-02-28 | N/A | 7.5 HIGH |
Input parameter verification vulnerability in the communication system. Successful exploitation of this vulnerability may affect availability. | |||||
CVE-2023-38712 | 1 Libreswan | 1 Libreswan | 2024-02-28 | N/A | 6.5 MEDIUM |
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart. | |||||
CVE-2021-3236 | 1 Vim | 1 Vim | 2024-02-28 | N/A | 5.5 MEDIUM |
vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method. | |||||
CVE-2023-31441 | 1 Ncia | 1 Advisor Network | 2024-02-28 | N/A | 5.5 MEDIUM |
In NATO Communications and Information Agency anet (aka Advisor Network) through 3.3.0, an attacker can provide a crafted JSON file to sanitizeJson and cause an exception. This is related to the U+FFFD Unicode replacement character. A for loop does not consider that a data structure is being modified during loop execution. | |||||
CVE-2023-5441 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-02-28 | N/A | 5.5 MEDIUM |
NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. | |||||
CVE-2023-46239 | 1 Quic-go Project | 1 Quic-go | 2024-02-28 | N/A | 7.5 HIGH |
quic-go is an implementation of the QUIC protocol in Go. Starting in version 0.37.0 and prior to version 0.37.3, by serializing an ACK frame after the CRYTPO that allows a node to complete the handshake, a remote node could trigger a nil pointer dereference (leading to a panic) when the node attempted to drop the Handshake packet number space. An attacker can bring down a quic-go node with very minimal effort. Completing the QUIC handshake only requires sending and receiving a few packets. Version 0.37.3 contains a patch. Versions before 0.37.0 are not affected. | |||||
CVE-2023-4683 | 1 Gpac | 1 Gpac | 2024-02-28 | N/A | 5.5 MEDIUM |
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-DEV. | |||||
CVE-2023-38665 | 1 Nasm | 1 Netwide Assembler | 2024-02-28 | N/A | 5.5 MEDIUM |
Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to cause a denial of service (crash). | |||||
CVE-2023-46345 | 1 Fossies | 1 Catdoc | 2024-02-28 | N/A | 7.5 HIGH |
Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/xlsparse.c. | |||||
CVE-2020-23911 | 1 Asn1c Project | 1 Asn1c | 2024-02-28 | N/A | 5.5 MEDIUM |
An issue was discovered in asn1c through v0.9.28. A NULL pointer dereference exists in the function _default_error_logger() located in asn1fix.c. It allows an attacker to cause Denial of Service. | |||||
CVE-2022-28070 | 1 Radare | 1 Radare2 | 2024-02-28 | N/A | 7.5 HIGH |
A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0. | |||||
CVE-2023-31021 | 7 Canonical, Citrix, Linux-kvm and 4 more | 7 Ubuntu Linux, Hypervisor, Kernel Virtual Machine and 4 more | 2024-02-28 | N/A | 5.5 MEDIUM |
NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may lead to denial of service. | |||||
CVE-2023-41358 | 3 Debian, Fedoraproject, Frrouting | 3 Debian Linux, Fedora, Frrouting | 2024-02-28 | N/A | 7.5 HIGH |
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero. | |||||
CVE-2023-31022 | 8 Canonical, Citrix, Linux and 5 more | 9 Ubuntu Linux, Hypervisor, Linux Kernel and 6 more | 2024-02-28 | N/A | 5.5 MEDIUM |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service. | |||||
CVE-2023-39351 | 3 Debian, Fedoraproject, Freerdp | 3 Debian Linux, Fedora, Freerdp | 2024-02-28 | N/A | 7.5 HIGH |
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions of FreeRDP are subject to a Null Pointer Dereference leading a crash in the RemoteFX (rfx) handling. Inside the `rfx_process_message_tileset` function, the program allocates tiles using `rfx_allocate_tiles` for the number of numTiles. If the initialization process of tiles is not completed for various reasons, tiles will have a NULL pointer. Which may be accessed in further processing and would cause a program crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability. |