Total
2760 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-9589 | 1 Glyphandcog | 1 Xpdfreader | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
CVE-2018-18513 | 1 Mozilla | 1 Thunderbird | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service (DOS) attack because Thunderbird reopens the last seen message on restart, triggering the crash again. This vulnerability affects Thunderbird < 60.5. | |||||
CVE-2019-15291 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.9 MEDIUM | 4.6 MEDIUM |
An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver. | |||||
CVE-2019-12818 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_build_gb in net/nfc/llcp_core.c. | |||||
CVE-2019-12101 | 1 Libnyoci Project | 1 Libnyoci | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
coap_decode_option in coap.c in LibNyoci 0.07.00rc1 mishandles certain packets with "Uri-Path: (null)" and consequently allows remote attackers to cause a denial of service (segmentation fault). | |||||
CVE-2019-10901 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly. | |||||
CVE-2018-7191 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343. | |||||
CVE-2019-11638 | 1 Gnu | 1 Recutils | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function rec_field_name_equal_p at rec-field-name.c in librec.a, leading to a crash. | |||||
CVE-2019-13959 | 1 Axiosys | 1 Bento4 | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
In Bento4 1.5.1-627, AP4_DataBuffer::SetDataSize does not handle reallocation failures, leading to a memory copy into a NULL pointer. This is different from CVE-2018-20186. | |||||
CVE-2019-15216 | 5 Canonical, Debian, Linux and 2 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2024-02-28 | 4.9 MEDIUM | 4.6 MEDIUM |
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver. | |||||
CVE-2019-14534 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack. | |||||
CVE-2019-5008 | 1 Qemu | 1 Qemu | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver. | |||||
CVE-2019-13161 | 2 Debian, Digium | 3 Debian Linux, Asterisk, Certified Asterisk | 2024-02-28 | 3.5 LOW | 5.3 MEDIUM |
An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chan_sip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to an outgoing T.38 re-invite. To exploit this vulnerability an attacker must cause the chan_sip module to send a T.38 re-invite request to them. Upon receipt, the attacker must send an SDP answer containing both a T.38 UDPTL stream and another media stream containing only a codec (which is not permitted according to the chan_sip configuration). | |||||
CVE-2019-9772 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LEADER at dwg.spec. | |||||
CVE-2019-16161 | 1 K-takata | 1 Onigmo | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Onigmo through 6.2.0 has a NULL pointer dereference in onig_error_code_to_str because of fetch_token in regparse.c. | |||||
CVE-2019-14493 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in OpenCV before 4.1.1. There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp. | |||||
CVE-2018-17419 | 1 Dns Library Project | 1 Dns Library | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in setTA in scan_rr.go in the Miek Gieben DNS library before 1.0.10 for Go. A dns.ParseZone() parsing error causes a segmentation violation, leading to denial of service. | |||||
CVE-2019-12155 | 1 Qemu | 1 Qemu | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference. | |||||
CVE-2019-15218 | 6 Canonical, Debian, Linux and 3 more | 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more | 2024-02-28 | 4.9 MEDIUM | 4.6 MEDIUM |
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver. | |||||
CVE-2019-12481 | 1 Gpac | 1 Gpac | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function GetESD at isomedia/track.c in libgpac.a, as demonstrated by MP4Box. |