Total
2760 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-40781 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-24577 | 1 Gpac | 1 Gpac | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
GPAC 1.0.1 is affected by a NULL pointer dereference in gf_utf8_wcslen. (gf_utf8_wcslen is a renamed Unicode utf8_wcslen function.) | |||||
CVE-2022-25108 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Foxit PDF Reader and Editor before 11.2.1 and PhantomPDF before 10.1.7 allow a NULL pointer dereference during PDF parsing because the pointer is used without proper validation. | |||||
CVE-2021-44495 | 2 Fisglobal, Yottadb | 2 Gt.m, Yottadb | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a NULL pointer dereference after calls to ZPrint. | |||||
CVE-2021-42263 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2021-40750 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe Bridge version 11.1.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-29205 | 1 Google | 1 Tensorflow | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, there is a potential for segfault / denial of service in TensorFlow by calling `tf.compat.v1.*` ops which don't yet have support for quantized types, which was added after migration to TensorFlow 2.x. In these scenarios, since the kernel is missing, a `nullptr` value is passed to `ParseDimensionValue` for the `py_value` argument. Then, this is dereferenced, resulting in segfault. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | |||||
CVE-2022-29491 | 1 F5 | 4 Big-ip Access Policy Manager, Big-ip Advanced Web Application Firewall, Big-ip Application Security Manager and 1 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
On F5 BIG-IP LTM, Advanced WAF, ASM, or APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a virtual server is configured with HTTP, TCP on one side (client/server), and DTLS on the other (server/client), undisclosed requests can cause the TMM process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | |||||
CVE-2021-42198 | 1 Swftools | 1 Swftools | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause Denial of Service. | |||||
CVE-2021-40943 | 1 Axiosys | 1 Bento4 | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
In Bento4 1.6.0-638, there is a null pointer reference in the function AP4_DescriptorListInspector::Action function in Ap4Descriptor.h:124 , as demonstrated by GPAC. This can cause a denial of service (DOS). | |||||
CVE-2022-26095 | 1 Google | 1 Android | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Null pointer dereference vulnerability in parser_colr function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker. | |||||
CVE-2022-32201 | 1 Libjpeg Project | 1 Libjpeg | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
In libjpeg 1.63, there is a NULL pointer dereference in Component::SubXOf in component.hpp. | |||||
CVE-2022-1035 | 1 Gpac | 1 Gpac | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Segmentation Fault caused by MP4Box -lsr in GitHub repository gpac/gpac prior to 2.1.0-DEV. | |||||
CVE-2021-3596 | 4 Debian, Fedoraproject, Imagemagick and 1 more | 4 Debian Linux, Fedora, Imagemagick and 1 more | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault. | |||||
CVE-2021-40762 | 3 Adobe, Apple, Microsoft | 3 Character Animator, Macos, Windows | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe Character Animator version 4.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-0890 | 1 Mruby | 1 Mruby | 2024-02-28 | 7.1 HIGH | 5.5 MEDIUM |
NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2. | |||||
CVE-2022-26099 | 1 Google | 1 Android | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
Null pointer dereference vulnerability in parser_infe function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds read by remote attackers. | |||||
CVE-2022-28189 | 1 Nvidia | 1 Gpu Display Driver | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a NULL pointer dereference may lead to a system crash. | |||||
CVE-2022-0908 | 4 Debian, Fedoraproject, Libtiff and 1 more | 4 Debian Linux, Fedora, Libtiff and 1 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file. | |||||
CVE-2022-29206 | 1 Google | 1 Tensorflow | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorDenseAdd` does not fully validate the input arguments. In this case, a reference gets bound to a `nullptr` during kernel execution. This is undefined behavior. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. |