Total
2411 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-0573 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via a crafted application that makes a TSC_GET_CARD_STATUS ioctl call. | |||||
| CVE-2016-4724 | 1 Apple | 2 Iphone Os, Mac Os X | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
| IOAcceleratorFamily in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. | |||||
| CVE-2016-7118 | 1 Debian | 1 Debian Linux | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
| fs/fcntl.c in the "aufs 3.2.x+setfl-debian" patch in the linux-image package 3.2.0-4 (kernel 3.2.81-1) in Debian wheezy mishandles F_SETFL fcntl calls on directories, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via standard filesystem operations, as demonstrated by scp from an AUFS filesystem. | |||||
| CVE-2015-4444 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2015-4443. | |||||
| CVE-2016-1803 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. | |||||
| CVE-2016-1813 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
| The IOAccelSharedUserClient2::page_off_resource method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. | |||||
| CVE-2016-4957 | 5 Novell, Ntp, Opensuse and 2 more | 9 Suse Manager, Ntp, Leap and 6 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547. | |||||
| CVE-2016-7131 | 1 Php | 1 Php | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via a malformed wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a tag that lacks a < (less than) character. | |||||
| CVE-2015-8922 | 4 Canonical, Libarchive, Novell and 1 more | 6 Ubuntu Linux, Libarchive, Suse Linux Enterprise Desktop and 3 more | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct. | |||||
| CVE-2015-8956 | 2 Google, Linux | 2 Android, Linux Kernel | 2023-12-10 | 3.6 LOW | 6.1 MEDIUM |
| The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket. | |||||
| CVE-2015-1721 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2023-12-10 | 7.2 HIGH | N/A |
| The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application, aka "Win32k Null Pointer Dereference Vulnerability." | |||||
| CVE-2016-3120 | 1 Mit | 1 Kerberos 5 | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an S4U2Self request. | |||||
| CVE-2015-3194 | 4 Canonical, Debian, Nodejs and 1 more | 4 Ubuntu Linux, Debian Linux, Node.js and 1 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter. | |||||
| CVE-2016-6327 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
| drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORT_TASK command to abort a device write operation. | |||||
| CVE-2016-4627 | 1 Apple | 3 Iphone Os, Tvos, Watchos | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. | |||||
| CVE-2016-5354 | 1 Wireshark | 1 Wireshark | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
| The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2016-7424 | 2 Debian, Libav | 2 Debian Linux, Libav | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file. | |||||
| CVE-2013-4119 | 1 Freerdp | 1 Freerdp | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by disconnecting before authentication has finished. | |||||
| CVE-2016-4959 | 1 Nvidia | 40 Geforce 910m, Geforce 920m, Geforce 920mx and 37 more | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
| For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash. | |||||
| CVE-2015-8551 | 4 Debian, Linux, Opensuse and 1 more | 8 Debian Linux, Linux Kernel, Opensuse and 5 more | 2023-12-10 | 4.7 MEDIUM | 6.0 MEDIUM |
| The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks." | |||||