Total
2760 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-13435 | 2 Fedoraproject, Sqlite | 2 Fedora, Sqlite | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. | |||||
CVE-2019-20820 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference during the parsing of file data. | |||||
CVE-2020-0219 | 1 Google | 1 Android | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
In onCreate of SliceDeepLinkSpringBoard.java there is a possible insecure Intent. This could lead to local elevation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-122836081 | |||||
CVE-2017-9105 | 2 Fedoraproject, Gnu | 2 Fedora, Adns | 2024-02-28 | 7.5 HIGH | 8.8 HIGH |
An issue was discovered in adns before 1.5.2. It corrupts a pointer when a nameserver speaks first because of a wrong number of pointer dereferences. This bug may well be exploitable as a remote code execution. | |||||
CVE-2020-14149 | 1 Troglobit | 1 Uftpd | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In uftpd before 2.12, handle_CWD in ftpcmd.c mishandled the path provided by the user, causing a NULL pointer dereference and denial of service, as demonstrated by a CWD /.. command. | |||||
CVE-2020-11608 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-02-28 | 4.9 MEDIUM | 4.3 MEDIUM |
An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d. | |||||
CVE-2020-16117 | 2 Debian, Gnome | 2 Debian Linux, Evolution-data-server | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection attempt. This is related to imapx_free_capability and imapx_connect_to_server. | |||||
CVE-2019-14874 | 1 Newlib Project | 1 Newlib | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
In the __i2b function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access of _ x[0] will trigger a null pointer dereference bug in case of a memory allocation failure. | |||||
CVE-2020-10600 | 1 Osisoft | 1 Pi Data Archive | 2024-02-28 | 4.9 MEDIUM | 7.1 HIGH |
An authenticated remote attacker could crash PI Archive Subsystem when the subsystem is working under memory pressure. This can result in blocking queries to PI Data Archive (2018 SP2 and prior versions). | |||||
CVE-2020-24659 | 4 Canonical, Fedoraproject, Gnu and 1 more | 4 Ubuntu Linux, Fedora, Gnutls and 1 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure. | |||||
CVE-2017-18664 | 1 Google | 1 Android | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. There is a NULL pointer exception in PersonManager, causing memory corruption. The Samsung ID is SVE-2017-8286 (June 2017). | |||||
CVE-2020-10739 | 1 Istio | 1 Istio | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Istio 1.4.x before 1.4.9 and Istio 1.5.x before 1.5.4 contain the following vulnerability when telemetry v2 is enabled: by sending a specially crafted packet, an attacker could trigger a Null Pointer Exception resulting in a Denial of Service. This could be sent to the ingress gateway or a sidecar, triggering a null pointer exception which results in a denial of service. This also affects servicemesh-proxy where a null pointer exception flaw was found in servicemesh-proxy. When running Telemetry v2 (not on by default in version 1.4.x), an attacker could send a specially crafted packet to the ingress gateway or proxy sidecar, triggering a denial of service. | |||||
CVE-2020-10812 | 1 Hdfgroup | 1 Hdf5 | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c. It allows an attacker to cause Denial of Service. | |||||
CVE-2020-9610 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a null pointer vulnerability. Successful exploitation could lead to application denial-of-service. | |||||
CVE-2020-10602 | 1 Pi | 1 Data Archive | 2024-02-28 | 3.5 LOW | 5.3 MEDIUM |
In OSIsoft PI System multiple products and versions, an authenticated remote attacker could crash PI Network Manager due to a race condition. This can result in blocking connections and queries to PI Data Archive. | |||||
CVE-2020-1995 | 1 Paloaltonetworks | 1 Pan-os | 2024-02-28 | 6.8 MEDIUM | 4.9 MEDIUM |
A NULL pointer dereference vulnerability in Palo Alto Networks PAN-OS allows an authenticated administrator to send a request that causes the rasmgr daemon to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue affects: PAN-OS 9.1 versions earlier than 9.1.2. | |||||
CVE-2020-14396 | 4 Canonical, Debian, Libvnc Project and 1 more | 15 Ubuntu Linux, Debian Linux, Libvncserver and 12 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference. | |||||
CVE-2020-10664 | 1 Windriver | 1 Vxworks | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference. | |||||
CVE-2020-13649 | 1 Jerryscript | 1 Jerryscript | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure. | |||||
CVE-2019-20826 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It has a NULL pointer dereference. |