Total
2760 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-12615 | 2 Linux, Netapp | 10 Linux Kernel, Active Iq Unified Manager, Aff A700s and 7 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info->vdev_port.name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). | |||||
CVE-2019-16089 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.7 MEDIUM | 4.1 MEDIUM |
An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value. | |||||
CVE-2019-13219 | 2 Debian, Stb Vorbis Project | 2 Debian Linux, Stb Vorbis | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
A NULL pointer dereference in the get_window function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. | |||||
CVE-2016-7550 | 1 Digium | 1 Asterisk | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
asterisk 13.10.0 is affected by: denial of service issues in asterisk. The impact is: cause a denial of service (remote). | |||||
CVE-2019-11810 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free. | |||||
CVE-2019-15099 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. | |||||
CVE-2019-14212 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling certain XFA JavaScript due to the use of, or access to, a NULL pointer without proper validation on the object. | |||||
CVE-2019-16351 | 1 Rockcarry | 1 Ffjpeg | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c. | |||||
CVE-2019-5055 | 1 Netgear | 2 Wnr2000, Wnr2000 Firmware | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon (hostapd) on the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) wireless router. A SOAP request sent in an invalid sequence to the <WFAWLANConfig:1#PutMessage> service can cause a null pointer dereference, resulting in the hostapd service crashing. An unauthenticated attacker can send a specially-crafted SOAP request to trigger this vulnerability. | |||||
CVE-2019-16232 | 4 Canonical, Fedoraproject, Linux and 1 more | 4 Ubuntu Linux, Fedora, Linux Kernel and 1 more | 2024-02-28 | 4.7 MEDIUM | 4.1 MEDIUM |
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |||||
CVE-2019-12259 | 4 Belden, Siemens, Sonicwall and 1 more | 49 Garrettcom Magnum Dx940e, Garrettcom Magnum Dx940e Firmware, Hirschmann Dragon Mach4000 and 46 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing. | |||||
CVE-2019-12175 | 1 Zeek | 1 Zeek | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In Zeek Network Security Monitor (formerly known as Bro) before 2.6.2, a NULL pointer dereference in the Kerberos (aka KRB) protocol parser leads to DoS because a case-type index is mishandled. | |||||
CVE-2019-15923 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c. | |||||
CVE-2019-15759 | 1 Webassembly | 1 Binaryen | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in Binaryen 1.38.32. Two visitors in ir/ExpressionManipulator.cpp can lead to a NULL pointer dereference in wasm::LocalSet::finalize in wasm/wasm.cpp. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm2js. | |||||
CVE-2019-9656 | 3 Canonical, Debian, Libofx Project | 3 Ubuntu Linux, Debian Linux, Libofx | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump. | |||||
CVE-2019-12108 | 1 Miniupnp Project | 1 Miniupnpd | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port. | |||||
CVE-2019-1010171 | 1 Jsish | 1 Jsish | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Jsish 2.4.83 2.0483 is affected by: Nullpointer dereference. The impact is: denial of service. The component is: function jsi_DumpFunctions (jsiEval.c:567). The attack vector is: executing crafted javascript code. The fixed version is: 2.4.84. | |||||
CVE-2019-10022 | 1 Xpdfreader | 1 Xpdf | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc. | |||||
CVE-2019-2236 | 1 Qualcomm | 76 Ipq8074, Ipq8074 Firmware, Mdm9206 and 73 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Null pointer dereference during secure application termination using specific application ids. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 | |||||
CVE-2019-12881 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_userptr.c in the Linux kernel 4.15.0 on Ubuntu 18.04.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact via crafted ioctl calls to /dev/dri/card0. |