Total
2760 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-27784 | 1 Broadcom | 1 Tcpreplay | 2024-02-28 | N/A | 7.5 HIGH |
| An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint. | |||||
| CVE-2023-1264 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-02-28 | N/A | 5.5 MEDIUM |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392. | |||||
| CVE-2022-47359 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-28 | N/A | 5.5 MEDIUM |
| In log service, there is a missing permission check. This could lead to local denial of service in log service. | |||||
| CVE-2022-34665 | 3 Linux, Microsoft, Nvidia | 8 Linux Kernel, Windows, Cloud Gaming Guest and 5 more | 2024-02-28 | N/A | 6.5 MEDIUM |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service. | |||||
| CVE-2022-23526 | 1 Helm | 1 Helm | 2024-02-28 | N/A | 7.5 HIGH |
| Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the_chartutil_ package that can cause a segmentation violation. The _chartutil_ package contains a parser that loads a JSON Schema validation file. For example, the Helm client when rendering a chart will validate its values with the schema file. The _chartutil_ package parses the schema file and loads it into structures Go can work with. Some schema files can cause array data structures to be created causing a memory violation. Applications that use the _chartutil_ package in the Helm SDK to parse a schema file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate schema files that are correctly formatted before passing them to the _chartutil_ functions. | |||||
| CVE-2023-27786 | 1 Broadcom | 1 Tcpreplay | 2024-02-28 | N/A | 7.5 HIGH |
| An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function. | |||||
| CVE-2023-27102 | 1 Struktur | 1 Libde265 | 2024-02-28 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decoder_context::process_slice_segment_header at decctx.cc. | |||||
| CVE-2022-41999 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2024-02-28 | N/A | 7.5 HIGH |
| A denial of service vulnerability exists in the DDS native tile reading functionality of OpenImageIO Project OpenImageIO v2.3.19.0 and v2.4.4.2. A specially-crafted .dds can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-47360 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-28 | N/A | 5.5 MEDIUM |
| In log service, there is a missing permission check. This could lead to local denial of service in log service. | |||||
| CVE-2022-44018 | 1 Softing | 1 Uatoolkit Embedded | 2024-02-28 | N/A | 7.5 HIGH |
| In Softing uaToolkit Embedded before 1.40.1, a malformed PubSub discovery announcement message can cause a NULL pointer dereference or out-of-bounds memory access in the subscriber application. | |||||
| CVE-2022-4121 | 1 Libetpan Project | 1 Libetpan | 2024-02-28 | N/A | 5.5 MEDIUM |
| In libetpan a null pointer dereference in mailimap_mailbox_data_status_free in low-level/imap/mailimap_types.c was found that could lead to a remote denial of service or other potential consequences. | |||||
| CVE-2023-23004 | 1 Linux | 1 Linux Kernel | 2024-02-28 | N/A | 5.5 MEDIUM |
| In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | |||||
| CVE-2023-22999 | 1 Linux | 1 Linux Kernel | 2024-02-28 | N/A | 5.5 MEDIUM |
| In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3_qcom_create_urs_usb_platdev return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | |||||
| CVE-2021-4236 | 1 Web Project | 1 Web | 2024-02-28 | N/A | 9.8 CRITICAL |
| Web Sockets do not execute any AuthenticateMethod methods which may be set, leading to a nil pointer dereference if the returned UserData pointer is assumed to be non-nil, or authentication bypass. This issue only affects WebSockets with an AuthenticateMethod hook. Request handlers that do not explicitly use WebSockets are not vulnerable. | |||||
| CVE-2022-43603 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2024-02-28 | N/A | 5.9 MEDIUM |
| A denial of service vulnerability exists in the ZfileOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2023-0845 | 1 Hashicorp | 1 Consul | 2024-02-28 | N/A | 6.5 MEDIUM |
| Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This vulnerability was fixed in Consul 1.14.5. | |||||
| CVE-2023-24751 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-02-28 | N/A | 6.5 MEDIUM |
| libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | |||||
| CVE-2022-3109 | 1 Ffmpeg | 1 Ffmpeg | 2024-02-28 | N/A | 7.5 HIGH |
| An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability. | |||||
| CVE-2022-20521 | 1 Google | 1 Android | 2024-02-28 | N/A | 5.0 MEDIUM |
| In sdpu_find_most_specific_service_uuid of sdp_utils.cc, there is a possible way to crash Bluetooth due to a missing null check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-227203684 | |||||
| CVE-2022-41909 | 1 Google | 1 Tensorflow | 2024-02-28 | N/A | 7.5 HIGH |
| TensorFlow is an open source platform for machine learning. An input `encoded` that is not a valid `CompositeTensorVariant` tensor will trigger a segfault in `tf.raw_ops.CompositeTensorVariantToComponents`. We have patched the issue in GitHub commits bf594d08d377dc6a3354d9fdb494b32d45f91971 and 660ce5a89eb6766834bdc303d2ab3902aef99d3d. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. | |||||