Total
2760 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-44507 | 1 Fisglobal | 1 Gt.m | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of parameter validation in calls to memcpy in str_tok in sr_unix/ztimeoutroutines.c allows attackers to attempt to read from a NULL pointer. | |||||
CVE-2022-26093 | 1 Google | 1 Android | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Null pointer dereference vulnerability in parser_irot function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker. | |||||
CVE-2022-24736 | 4 Fedoraproject, Netapp, Oracle and 1 more | 5 Fedora, Management Services For Element Software, Management Services For Netapp Hci and 2 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules. | |||||
CVE-2022-23199 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-1249 | 1 Pesign Project | 1 Pesign | 2024-02-28 | 2.1 LOW | 3.3 LOW |
A NULL pointer dereference flaw was found in pesign's cms_set_pw_data() function of the cms_common.c file. The function fails to handle the NULL pwdata invocation from daemon.c, which leads to an explicit NULL dereference and crash on all attempts to daemonize pesign. | |||||
CVE-2021-39804 | 1 Google | 1 Android | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
In reinit of HeifDecoderImpl.cpp, there is a possible crash due to a missing null check. This could lead to remote persistent denial of service in the file picker with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-215002587 | |||||
CVE-2021-42196 | 1 Swftools | 1 Swftools | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function traits_parse() located in abc.c. It allows an attacker to cause Denial of Service. | |||||
CVE-2022-1674 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. | |||||
CVE-2022-28049 | 1 F5 | 1 Njs | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
NGINX NJS 0.7.2 was discovered to contain a NULL pointer dereference via the component njs_vmcode_array at /src/njs_vmcode.c. | |||||
CVE-2021-45117 | 2 Opcfoundation, Siemens | 4 Ua-nodeset, Simatic Net Pc, Sitop Manager and 1 more | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference. | |||||
CVE-2021-40944 | 1 Gpac | 1 Gpac | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
In GPAC MP4Box 1.1.0, there is a Null pointer reference in the function gf_filter_pid_get_packet function in src/filter_core/filter_pid.c:5394, as demonstrated by GPAC. This can cause a denial of service (DOS). | |||||
CVE-2021-35076 | 1 Qualcomm | 114 Ar8035, Ar8035 Firmware, Qca6390 and 111 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Possible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-4095 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2024-02-28 | 1.9 LOW | 5.5 MEDIUM |
A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This flaw affects Linux kernel versions prior to 5.17-rc1. | |||||
CVE-2021-44974 | 1 Radare | 1 Radare2 | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser. | |||||
CVE-2021-3739 | 3 Fedoraproject, Linux, Netapp | 18 Fedora, Linux Kernel, H300e and 15 more | 2024-02-28 | 3.6 LOW | 7.1 HIGH |
A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest threat from this vulnerability is to system availability. | |||||
CVE-2022-31077 | 1 Linuxfoundation | 1 Kubeedge | 2024-02-28 | 3.5 LOW | 5.7 MEDIUM |
KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message response from KubeEdge can crash the CSI Driver controller server by triggering a nil-pointer dereference panic. As a consequence, the CSI Driver controller will be in denial of service. This bug has been fixed in Kubeedge 1.11.0, 1.10.1, and 1.9.3. Users should update to these versions to resolve the issue. At the time of writing, no workaround exists. | |||||
CVE-2021-44505 | 1 Yottadb | 1 Gt.m | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a NULL pointer dereference after calls to ZPrint. | |||||
CVE-2022-1507 | 2 Chafa Project, Fedoraproject | 2 Chafa, Fedora | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. in GitHub repository hpjansson/chafa prior to 1.10.2. chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. | |||||
CVE-2022-30592 | 1 Litespeedtech | 1 Lsquic | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
liblsquic/lsquic_qenc_hdl.c in LiteSpeed QUIC (aka LSQUIC) before 3.1.0 mishandles MAX_TABLE_CAPACITY. | |||||
CVE-2021-23191 | 1 Htmldoc Project | 1 Htmldoc | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
A security issue was found in htmldoc v1.9.12 and before. A NULL pointer dereference in the function image_load_jpeg() in image.cxx may result in denial of service. |