Total
3032 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-6951 | 2 Canonical, Gnu | 2 Ubuntu Linux, Patch | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue. | |||||
| CVE-2018-6942 | 2 Canonical, Freetype | 2 Ubuntu Linux, Freetype | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file. | |||||
| CVE-2018-6925 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338985), and 10.4-RELEASE-p13, due to improper maintenance of IPv6 protocol control block flags through various failure paths, an unprivileged authenticated local user may be able to cause a NULL pointer dereference causing the kernel to crash. | |||||
| CVE-2018-6644 | 1 Sblim Project | 1 Small Footprint Cim Broker | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| SBLIM Small Footprint CIM Broker (SFCB) 1.4.9 has a null pointer (DoS) vulnerability via a crafted POST request to the /cimom URI. | |||||
| CVE-2018-6534 | 1 Icinga | 1 Icinga | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Icinga 2.x through 2.8.1. By sending specially crafted messages, an attacker can cause a NULL pointer dereference, which can cause the product to crash. | |||||
| CVE-2018-6319 | 1 Sophos | 1 Sophos Tester | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| In Sophos Tester Tool 3.2.0.7 Beta, the driver accepts a special DeviceIoControl code that doesn't check its argument. This argument is a memory address: if a caller passes a NULL pointer or a random invalid address, the driver will cause a Blue Screen of Death. If a program or malware does this at boot time, it can cause a persistent denial of service on the machine. | |||||
| CVE-2018-6250 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference occurs which may lead to denial of service or possible escalation of privileges. | |||||
| CVE-2018-6249 | 5 Freebsd, Linux, Microsoft and 2 more | 5 Freebsd, Linux Kernel, Windows and 2 more | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
| NVIDIA GPU Display Driver contains a vulnerability in kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges. | |||||
| CVE-2018-6247 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference may lead to denial of service or possible escalation of privileges. | |||||
| CVE-2018-6197 | 2 Canonical, Tats | 2 Ubuntu Linux, W3m | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c. | |||||
| CVE-2018-6116 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | |||||
| CVE-2018-5812 | 2 Canonical, Libraw | 2 Ubuntu Linux, Libraw | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference. | |||||
| CVE-2018-5806 | 2 Libraw, Redhat | 4 Libraw, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference. | |||||
| CVE-2018-5801 | 4 Canonical, Debian, Libraw and 1 more | 6 Ubuntu Linux, Debian Linux, Libraw and 3 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference. | |||||
| CVE-2018-5729 | 4 Debian, Fedoraproject, Mit and 1 more | 6 Debian Linux, Fedora, Kerberos 5 and 3 more | 2024-11-21 | 6.5 MEDIUM | 4.7 MEDIUM |
| MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module. | |||||
| CVE-2018-5710 | 1 Mit | 1 Kerberos | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client. | |||||
| CVE-2018-5449 | 1 Moxa | 8 Oncell G3110-hspa, Oncell G3110-hspa-t, Oncell G3110-hspa-t Firmware and 5 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application does not check for a NULL value, allowing for an attacker to perform a denial of service attack. | |||||
| CVE-2018-5333 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference. | |||||
| CVE-2018-5308 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file. | |||||
| CVE-2018-5206 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer. | |||||