Total
2407 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-16536 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 7.2 HIGH | 6.6 MEDIUM |
The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device. | |||||
CVE-2017-11185 | 1 Strongswan | 1 Strongswan | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature. | |||||
CVE-2017-9347 | 1 Wireshark | 1 Wireshark | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID. | |||||
CVE-2017-17505 | 1 Hdfgroup | 1 Hdf5 | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file. | |||||
CVE-2015-3839 | 1 Google | 1 Android | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
The updateMessageStatus function in Android 5.1.1 and earlier allows local users to cause a denial of service (NULL pointer exception and process crash). | |||||
CVE-2017-15920 | 1 Watchdogdevelopment | 2 Anti-malware, Online Security Pro | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002054. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated. | |||||
CVE-2015-7549 | 1 Qemu | 1 Qemu | 2023-12-10 | 2.1 LOW | 6.0 MEDIUM |
The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method. | |||||
CVE-2017-1000200 | 1 Tcmu-runner Project | 1 Tcmu-runner | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() function resulting in denial of service | |||||
CVE-2017-15286 | 1 Sqlite | 1 Sqlite | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized. | |||||
CVE-2017-15723 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message. | |||||
CVE-2017-17700 | 1 K7computing | 1 Antivirus | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025a4 DeviceIoControl request. | |||||
CVE-2017-9211 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
The crypto_skcipher_init_tfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows local users to cause a denial of service (NULL pointer dereference) via a crafted application. | |||||
CVE-2017-14406 | 1 Mp3gain | 1 Mp3gain | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
A NULL pointer dereference was discovered in sync_buffer in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service. | |||||
CVE-2014-9967 | 1 Google | 1 Android | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | |||||
CVE-2017-8537 | 1 Microsoft | 13 Endpoint Protection, Exchange Server, Forefront Endpoint Protection and 10 more | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8536, CVE-2017-8539, and CVE-2017-8542. | |||||
CVE-2017-11642 | 1 Graphicsmagick | 1 Graphicsmagick | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638. | |||||
CVE-2017-14863 | 1 Exiv2 | 1 Exiv2 | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
A NULL pointer dereference was discovered in Exiv2::Image::printIFDStructure in image.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | |||||
CVE-2017-14225 | 1 Ffmpeg | 1 Ffmpeg | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but callers do not anticipate this, as demonstrated by the avcodec_string function in libavcodec/utils.c, leading to a NULL pointer dereference. (It is also conceivable that there is security relevance for a NULL pointer dereference in av_color_primaries_name calls within the ffprobe command-line program.) | |||||
CVE-2017-13065 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c. | |||||
CVE-2017-14517 | 1 Freedesktop | 1 Poppler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
In Poppler 0.59.0, a NULL Pointer Dereference exists in the XRef::parseEntry() function in XRef.cc via a crafted PDF document. |