Total
2760 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-33068 | 2 Intel, Netapp | 2 Active Management Technology Firmware, Cloud Backup | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
Null pointer dereference in subsystem for Intel(R) AMT before versions 15.0.35 may allow an authenticated user to potentially enable denial of service via network access. | |||||
CVE-2022-22638 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
A null pointer dereference was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An attacker in a privileged position may be able to perform a denial of service attack. | |||||
CVE-2021-45385 | 1 Rockcarry | 1 Ffjpeg | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 (2021-12-06) in bmp_load(). When the size information in metadata of the bmp is out of range, it returns without assign memory buffer to `pb->pdata` and did not exit the program. So the program crashes when it tries to access the pb->data, in jfif_encode() at jfif.c:763. This is due to the incomplete patch for CVE-2020-13438. | |||||
CVE-2021-40778 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2021-43824 | 1 Envoyproxy | 1 Envoy | 2024-02-28 | 4.3 MEDIUM | 7.5 HIGH |
Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions a crafted request crashes Envoy when a CONNECT request is sent to JWT filter configured with regex match. This provides a denial of service attack vector. The only workaround is to not use regex in the JWT filter. Users are advised to upgrade. | |||||
CVE-2021-35075 | 1 Qualcomm | 98 Ar8035, Ar8035 Firmware, Qca6174a and 95 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Possible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-40782 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2021-35087 | 1 Qualcomm | 82 Ar8035, Ar8035 Firmware, Qca6390 and 79 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Possible null pointer access due to improper validation of system information message to be processed in Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2022-32202 | 1 Libjpeg Project | 1 Libjpeg | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp. | |||||
CVE-2021-44498 | 1 Fisglobal | 1 Gt.m | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, attackers can cause a type to be incorrectly initialized in the function f_incr in sr_port/f_incr.c and cause a crash due to a NULL pointer dereference. | |||||
CVE-2022-1516 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system. | |||||
CVE-2021-44506 | 1 Yottadb | 1 Gt.m | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of input validation in calls to do_verify in sr_unix/do_verify.c allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer. | |||||
CVE-2022-1382 | 1 Radare | 1 Radare2 | 2024-02-28 | 7.1 HIGH | 5.5 MEDIUM |
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the availability of the system. | |||||
CVE-2021-26948 | 1 Htmldoc Project | 1 Htmldoc | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
Null pointer dereference in the htmldoc v1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service via a crafted html file. | |||||
CVE-2021-40789 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2021-42264 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-29029 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | |||||
CVE-2022-0561 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712. | |||||
CVE-2021-44494 | 2 Fisglobal, Yottadb | 2 Gt.m, Yottadb | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause calls to ZRead to crash due to a NULL pointer dereference. | |||||
CVE-2022-26096 | 1 Google | 1 Android | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Null pointer dereference vulnerability in parser_ispe function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker. |