Total
2760 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-5646 | 1 Mitsubishielectric | 6 Coreos, Gt1450-qlbde, Gt1450-qmbde and 3 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
NULL pointer dereferences vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS version "05.65.00.BD" and earlier, and GT1450HS-QMBDE CoreOS version "05.65.00.BD" and earlier) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet. | |||||
CVE-2020-11168 | 1 Qualcomm | 122 Apq8009, Apq8009 Firmware, Apq8009w and 119 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
u'Null-pointer dereference can occur while accessing data buffer beyond its size that leads to access the buffer beyond its range' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8053, APQ8064AU, APQ8096AU, APQ8098, MDM9206, MDM9650, MSM8909W, MSM8953, MSM8996AU, QCM4290, QCS405, QCS4290, QCS603, QCS605, QM215, QSM8350, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM450, SDM632, SDM640, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P, WCD9330 | |||||
CVE-2021-26235 | 1 Faststone | 1 Image Viewer | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfc9, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution. | |||||
CVE-2020-27675 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2024-02-28 | 4.7 MEDIUM | 4.7 MEDIUM |
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash via events for an in-reconfiguration paravirtualized device, aka CID-073d0552ead5. | |||||
CVE-2020-27279 | 1 Redlion | 1 Crimson | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
A NULL pointer deference vulnerability has been identified in the protocol converter. An attacker could send a specially crafted packet that could reboot the device running Crimson 3.1 (Build versions prior to 3119.001). | |||||
CVE-2021-25903 | 1 Cache Project | 1 Cache | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in the cache crate through 2021-01-01 for Rust. A raw pointer is dereferenced. | |||||
CVE-2020-25692 | 3 Netapp, Openldap, Redhat | 5 Cloud Backup, Solidfire Baseboard Management Controller, Solidfire Baseboard Management Controller Firmware and 2 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service. | |||||
CVE-2020-35499 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
A NULL pointer dereference flaw in Linux kernel versions prior to 5.11 may be seen if sco_sock_getsockopt function in net/bluetooth/sco.c do not have a sanity check for a socket connection, when using BT_SNDMTU/BT_RCVMTU for SCO sockets. This could allow a local attacker with a special user privilege to crash the system (DOS) or leak kernel internal information. | |||||
CVE-2020-25741 | 1 Qemu | 1 Qemu | 2024-02-28 | 2.1 LOW | 3.2 LOW |
fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive. | |||||
CVE-2020-35860 | 1 Cbox Project | 1 Cbox | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in the cbox crate through 2020-03-19 for Rust. The CBox API allows dereferencing raw pointers without a requirement for unsafe code. | |||||
CVE-2020-15964 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2021-28361 | 1 Spdk | 1 Storage Performance Development Kit | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in Storage Performance Development Kit (SPDK) before 20.01.01. If a PDU is sent to the iSCSI target with a zero length (but data is expected), the iSCSI target can crash with a NULL pointer dereference. | |||||
CVE-2021-28306 | 1 Fltk Project | 1 Fltk | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a multi label type if the image is nonexistent. | |||||
CVE-2020-25743 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack Platform | 2024-02-28 | 2.1 LOW | 3.2 LOW |
hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call. | |||||
CVE-2020-12514 | 1 Pepperl-fuchs | 24 Io-link Master 4-eip, Io-link Master 4-eip Firmware, Io-link Master 4-pnio and 21 more | 2024-02-28 | 4.0 MEDIUM | 4.9 MEDIUM |
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd | |||||
CVE-2019-8572 | 1 Apple | 1 Airport Base Station Firmware | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution. | |||||
CVE-2020-28345 | 1 Google | 1 Android | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered on LG mobile devices with Android OS 10 software. The Wi-Fi subsystem may crash because of the lack of a NULL parameter check. The LG ID is LVE-SMP-200025 (November 2020). | |||||
CVE-2020-26235 | 2 Microsoft, Time Project | 2 Windows, Time | 2024-02-28 | 3.5 LOW | 5.3 MEDIUM |
In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected functions are time::UtcOffset::local_offset_at, time::UtcOffset::try_local_offset_at, time::UtcOffset::current_local_offset, time::UtcOffset::try_current_local_offset, time::OffsetDateTime::now_local and time::OffsetDateTime::try_now_local. Non-Unix targets are unaffected. This includes Windows and wasm. The issue was introduced in version 0.2.7 and fixed in version 0.2.23. | |||||
CVE-2021-28307 | 1 Fltk Project | 1 Fltk | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a non-raster image for a window icon. | |||||
CVE-2020-28344 | 1 Google | 1 Android | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. System services may crash because of the lack of a NULL parameter check. The LG ID is LVE-SMP-200024 (November 2020). |