Total
2760 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-23180 | 1 Htmldoc Project | 1 Htmldoc | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
A flaw was found in htmldoc in v1.9.12 and before. Null pointer dereference in file_extension(),in file.c may lead to execute arbitrary code and denial of service. | |||||
CVE-2022-29694 | 1 Unicorn-engine | 1 Unicorn Engine | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Unicorn Engine v2.0.0-rc7 and below was discovered to contain a NULL pointer dereference via qemu_ram_free. | |||||
CVE-2021-20299 | 2 Debian, Openexr | 2 Debian Linux, Openexr | 2024-02-28 | 4.3 MEDIUM | 7.5 HIGH |
A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability. | |||||
CVE-2022-2279 | 1 Libmobi Project | 1 Libmobi | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
NULL Pointer Dereference in GitHub repository bfabiszewski/libmobi prior to 0.11. | |||||
CVE-2021-44508 | 1 Fisglobal | 1 Gt.m | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of NULL checks in calls to ious_open in sr_unix/ious_open.c allows attackers to crash the application by dereferencing a NULL pointer. | |||||
CVE-2022-32230 | 1 Microsoft | 3 Windows 10, Windows 11, Windows Server 2019 | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot. | |||||
CVE-2021-40768 | 3 Adobe, Apple, Microsoft | 3 Character Animator, Macos, Windows | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe Character Animator version 4.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2021-36613 | 1 Mikrotik | 1 Routeros | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | |||||
CVE-2021-40788 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2021-34122 | 1 Rockcarry | 1 Ffjpeg | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference. | |||||
CVE-2021-44492 | 2 Fisglobal, Yottadb | 2 Gt.m, Yottadb | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, attackers can cause a type to be incorrectly initialized in the function f_incr in sr_port/f_incr.c and cause a crash due to a NULL pointer dereference. | |||||
CVE-2021-44501 | 1 Fisglobal | 1 Gt.m | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause calls to ZRead to crash due to a NULL pointer dereference. | |||||
CVE-2021-33254 | 2 Embedthis, Linux | 2 Appweb, Linux Kernel | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in src/http/httpLib.c in EmbedThis Appweb Community Edition 8.2.1, allows attackers to cause a denial of service via the stream paramter to the parseUri function. | |||||
CVE-2022-31763 | 1 Huawei | 2 Emui, Harmonyos | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability. | |||||
CVE-2021-44485 | 2 Fisglobal, Yottadb | 2 Gt.m, Yottadb | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of NULL checks in trip_gen in sr_port/emit_code.c allows attackers to crash the application by dereferencing a NULL pointer. | |||||
CVE-2022-1283 | 1 Radare | 1 Radare2 | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash). | |||||
CVE-2022-23189 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-29031 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | |||||
CVE-2022-0562 | 4 Debian, Fedoraproject, Libtiff and 1 more | 4 Debian Linux, Fedora, Libtiff and 1 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c. | |||||
CVE-2022-1341 | 1 Bwm-ng Project | 1 Bwm-ng | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in in bwm-ng v0.6.2. An arbitrary null write exists in get_cmdln_options() function in src/options.c. |