Total
2760 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-34737 | 1 Cisco | 37 Asr 9000v-v2, Asr 9001, Asr 9006 and 34 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the dhcpd process. While the dhcpd process is restarting, which may take up to approximately two minutes, DHCPv4 server services are unavailable on the affected device. This could temporarily prevent network access to clients that join the network during that time period. Note: Only the dhcpd process crashes and eventually restarts automatically. The router does not reload. | |||||
CVE-2021-39563 | 1 Swftools | 1 Swftools | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_DumpActions() located in swfaction.c. It allows an attacker to cause Denial of Service. | |||||
CVE-2022-23094 | 3 Debian, Fedoraproject, Libreswan | 3 Debian Linux, Fedora, Libreswan | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6. | |||||
CVE-2021-41497 | 1 Rare-technologies | 1 Bounter | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Null pointer reference in CMS_Conservative_increment_obj in RaRe-Technologies bounter version 1.01 and 1.10, allows attackers to conduct Denial of Service attacks by inputting a huge width of hash bucket. | |||||
CVE-2021-39593 | 1 Swftools | 1 Swftools | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_FontExtract_DefineFontInfo() located in swftext.c. It allows an attacker to cause Denial of Service. | |||||
CVE-2021-39539 | 1 Pdftools Project | 1 Pdftools | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in pdftools through 20200714. A NULL pointer dereference exists in the function node::BDCNode::~BDCNode() located in bdcnode.cpp. It allows an attacker to cause Denial of Service. | |||||
CVE-2021-3319 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses. Zephyr versions >= > v2.4.0 contain NULL Pointer Dereference (CWE-476), Attempt to Access Child of a Non-structure Pointer (CWE-588). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94jg-2p6q-5364 | |||||
CVE-2021-32979 | 1 Aveva | 1 Suitelink | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Null pointer dereference in SuiteLink server while processing commands 0x04/0x0a | |||||
CVE-2021-4188 | 1 Mruby | 1 Mruby | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
mruby is vulnerable to NULL Pointer Dereference | |||||
CVE-2020-25427 | 1 Gpac | 1 Gpac | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
A Null pointer dereference vulnerability exits in MP4Box - GPAC version 0.8.0-rev177-g51a8ef874-master via the gf_isom_get_track_id function, which causes a denial of service. | |||||
CVE-2021-39592 | 1 Swftools | 1 Swftools | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function pool_lookup_uint() located in pool.c. It allows an attacker to cause Denial of Service. | |||||
CVE-2021-46335 | 1 Moddable | 1 Moddable Sdk | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Moddable SDK v11.5.0 was discovered to contain a NULL pointer dereference in the component fx_Function_prototype_hasInstance. | |||||
CVE-2021-46042 | 1 Gpac | 1 Gpac | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the _fseeko function, which causes a Denial of Service. | |||||
CVE-2021-34586 | 1 Codesys | 1 Codesys | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition. | |||||
CVE-2021-32289 | 1 Nokia | 1 Heif | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in heif through through v3.6.2. A NULL pointer dereference exists in the function convertByteStreamToRBSP() located in nalutil.cpp. It allows an attacker to cause Denial of Service. | |||||
CVE-2021-46039 | 1 Gpac | 1 Gpac | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the shift_chunk_offsets.part function, which causes a Denial of Service (context-dependent). | |||||
CVE-2021-32987 | 1 Aveva | 1 Suitelink | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Null pointer dereference in SuiteLink server while processing command 0x0b | |||||
CVE-2021-32285 | 1 Creolabs | 1 Gravity | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function list_iterator_next() located in gravity_core.c. It allows an attacker to cause Denial of Service. | |||||
CVE-2021-39973 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down. | |||||
CVE-2021-40756 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe After Effects version 18.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |