Total
2760 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-13632 | 8 Brocade, Canonical, Debian and 5 more | 13 Fabric Operating System, Ubuntu Linux, Debian Linux and 10 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. | |||||
CVE-2020-13934 | 6 Apache, Canonical, Debian and 3 more | 14 Tomcat, Ubuntu Linux, Debian Linux and 11 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service. | |||||
CVE-2016-11039 | 1 Google | 1 Android | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) (AP + CP MDM9x35, or Qualcomm Onechip) software. There is a NULL pointer dereference issue in the IPC socket code. The Samsung ID is SVE-2016-5980 (July 2016). | |||||
CVE-2020-13900 | 1 Meetecho | 1 Janus | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_preparse in sdp.c has a NULL pointer dereference. | |||||
CVE-2020-7711 | 1 Goxmldsig Project | 1 Goxmldsig | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
This affects all versions of package github.com/russellhaering/goxmldsig. There is a crash on nil-pointer dereference caused by sending malformed XML signatures. | |||||
CVE-2020-1967 | 10 Broadcom, Debian, Fedoraproject and 7 more | 26 Fabric Operating System, Debian Linux, Fedora and 23 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f). | |||||
CVE-2020-5544 | 1 Mitsubishielectric | 2 Iu1-1m20-d, Iu1-1m20-d Firmware | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Null Pointer Dereference vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows remote attackers to stop the network functions or execute malware via a specially crafted packet. | |||||
CVE-2018-13903 | 1 Qualcomm | 22 Apq8053, Apq8053 Firmware, Mdm9205 and 19 more | 2024-02-28 | 9.3 HIGH | 8.1 HIGH |
u'Error in UE due to race condition in EPCO handling' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, MDM9205, MDM9206, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, SDM450, SM8150 | |||||
CVE-2019-14012 | 1 Qualcomm | 48 Msm8905, Msm8905 Firmware, Msm8909 and 45 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Possibility of null pointer deference as the array of video codecs from media info is referenced without null checking while processing SDP messages in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, Nicobar, QCM2150, QM215, Rennell, SC7180, SC8180X, SDA845, SDM429, SDM439, SDM450, SDM632, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150 | |||||
CVE-2020-10957 | 1 Dovecot | 1 Dovecot | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp. | |||||
CVE-2019-20816 | 1 Foxitsoftware | 1 Phantompdf | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NULL pointer dereference during the parsing of file data. | |||||
CVE-2019-20824 | 1 Foxitsoftware | 1 Phantompdf | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in Foxit PhantomPDF before 8.3.11. It has a NULL pointer dereference via FXSYS_wcslen in an Epub file. | |||||
CVE-2020-10730 | 5 Debian, Fedoraproject, Opensuse and 2 more | 5 Debian Linux, Fedora, Leap and 2 more | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is shipped with the libldb package. This flaw allows an authenticated user to possibly trigger a use-after-free or NULL pointer dereference. The highest threat from this vulnerability is to system availability. | |||||
CVE-2017-18658 | 1 Google | 1 Android | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
An issue was discovered on Samsung mobile devices with M(6.0) software. The multiwindow_facade API allows attackers to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 (August 2017). | |||||
CVE-2020-5966 | 1 Nvidia | 1 Gpu Display Driver | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, in which a NULL pointer is dereferenced, leading to denial of service or potential escalation of privileges. | |||||
CVE-2019-20917 | 2 Debian, Inspircd | 2 Debian Linux, Inspircd | 2024-02-28 | 6.8 MEDIUM | 6.5 MEDIUM |
An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server. | |||||
CVE-2020-24369 | 1 Lua | 1 Lua | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference. | |||||
CVE-2020-15304 | 3 Fedoraproject, Openexr, Opensuse | 3 Fedora, Openexr, Leap | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile() in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference. | |||||
CVE-2019-20813 | 1 Foxitsoftware | 1 Phantompdf | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NULL pointer dereference. | |||||
CVE-2019-20821 | 1 Foxitsoftware | 1 Phantompdf | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in Foxit PhantomPDF Mac before 3.4. It has a NULL pointer dereference. |