Total
2760 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-27944 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-02-28 | N/A | 7.5 HIGH |
Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference. | |||||
CVE-2022-40774 | 1 Axiosys | 1 Bento4 | 2024-02-28 | N/A | 5.5 MEDIUM |
An issue was discovered in Bento4 through 1.6.0-639. There is a NULL pointer dereference in AP4_StszAtom::GetSampleSize. | |||||
CVE-2021-33458 | 1 Tortall | 1 Yasm | 2024-02-28 | N/A | 5.5 MEDIUM |
An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in find_cc() in modules/preprocs/nasm/nasm-pp.c. | |||||
CVE-2021-33441 | 1 Cesanta | 1 Mjs | 2024-02-28 | N/A | 5.5 MEDIUM |
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in exec_expr() in mjs.c. | |||||
CVE-2022-36014 | 1 Google | 1 Tensorflow | 2024-02-28 | N/A | 7.5 HIGH |
TensorFlow is an open source platform for machine learning. When `mlir::tfg::TFOp::nameAttr` receives null type list attributes, it crashes. We have patched the issue in GitHub commits 3a754740d5414e362512ee981eefba41561a63a6 and a0f0b9a21c9270930457095092f558fbad4c03e5. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. | |||||
CVE-2022-36011 | 1 Google | 1 Tensorflow | 2024-02-28 | N/A | 7.5 HIGH |
TensorFlow is an open source platform for machine learning. When `mlir::tfg::ConvertGenericFunctionToFunctionDef` is given empty function attributes, it gives a null dereference. We have patched the issue in GitHub commit 1cf45b831eeb0cab8655c9c7c5d06ec6f45fc41b. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. | |||||
CVE-2022-41595 | 1 Huawei | 2 Emui, Harmonyos | 2024-02-28 | N/A | 3.4 LOW |
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | |||||
CVE-2022-36151 | 1 Monostream | 1 Tifig | 2024-02-28 | N/A | 5.5 MEDIUM |
tifig v0.2.2 was discovered to contain a segmentation violation via getType() at /common/bbox.cpp. | |||||
CVE-2022-35965 | 1 Google | 1 Tensorflow | 2024-02-28 | N/A | 7.5 HIGH |
TensorFlow is an open source platform for machine learning. If `LowerBound` or `UpperBound` is given an empty`sorted_inputs` input, it results in a `nullptr` dereference, leading to a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bce3717eaef4f769019fd18e990464ca4a2efeea. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. | |||||
CVE-2022-37797 | 2 Debian, Lighttpd | 2 Debian Linux, Lighttpd | 2024-02-28 | N/A | 7.5 HIGH |
In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition. | |||||
CVE-2022-0168 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-02-28 | N/A | 4.4 MEDIUM |
A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system. | |||||
CVE-2022-1671 | 2 Linux, Netapp | 11 Linux Kernel, H300s, H300s Firmware and 8 more | 2024-02-28 | N/A | 7.1 HIGH |
A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information. | |||||
CVE-2022-40738 | 1 Axiosys | 1 Bento4 | 2024-02-28 | N/A | 6.5 MEDIUM |
An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, called from AP4_EsDescriptor::WriteFields and AP4_Expandable::Write. | |||||
CVE-2021-33463 | 1 Tortall | 1 Yasm | 2024-02-28 | N/A | 5.5 MEDIUM |
An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasm_expr__copy_except() in libyasm/expr.c. | |||||
CVE-2022-20333 | 1 Google | 1 Android | 2024-02-28 | N/A | 6.5 MEDIUM |
In Bluetooth, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-179161657 | |||||
CVE-2022-42722 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2024-02-28 | N/A | 5.5 MEDIUM |
In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. | |||||
CVE-2022-41787 | 1 F5 | 2 Big-ip Domain Name System, Big-ip Local Traffic Manager | 2024-02-28 | N/A | 7.5 HIGH |
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when DNS profile is configured on a virtual server with DNS Express enabled, undisclosed DNS queries with DNSSEC can cause TMM to terminate. | |||||
CVE-2022-3663 | 1 Axiosys | 1 Bento4 | 2024-02-28 | N/A | 5.5 MEDIUM |
A vulnerability was found in Axiomatic Bento4. It has been rated as problematic. This issue affects the function AP4_StsdAtom of the file Ap4StsdAtom.cpp of the component MP4fragment. The manipulation leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212003. | |||||
CVE-2022-32785 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-02-28 | N/A | 5.5 MEDIUM |
A null pointer dereference was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing an image may lead to a denial-of-service. | |||||
CVE-2022-3278 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-02-28 | N/A | 5.5 MEDIUM |
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552. |