Total
2399 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-13441 | 1 Nagios | 1 Nagios | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. | |||||
| CVE-2018-18227 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values. | |||||
| CVE-2018-20427 | 1 Libming | 1 Libming | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
| libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file, a different vulnerability than CVE-2018-9132. | |||||
| CVE-2018-19504 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There is a NULL pointer dereference in ifilter_bank() in libfaad/filtbank.c. | |||||
| CVE-2018-18661 | 2 Canonical, Libtiff | 2 Ubuntu Linux, Libtiff | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c. | |||||
| CVE-2018-13458 | 1 Nagios | 1 Nagios Core | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. | |||||
| CVE-2018-15863 | 2 Canonical, Xkbcommon | 3 Ubuntu Linux, Libxkbcommon, Xkbcommon | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression. | |||||
| CVE-2018-20425 | 1 Libming | 1 Libming | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
| libming 0.4.8 has a NULL pointer dereference in the pushdup function of the decompile.c file. | |||||
| CVE-2018-14332 | 1 Clementine-player | 1 Clementine | 2023-12-10 | 1.9 LOW | 5.5 MEDIUM |
| An issue was discovered in Clementine Music Player 1.3.1. Clementine.exe is vulnerable to a user mode write access violation due to a NULL pointer dereference in the Init call in the MoodbarPipeline::NewPadCallback function in moodbar/moodbarpipeline.cpp. The vulnerability is triggered when the user opens a malformed mp3 file. | |||||
| CVE-2018-17000 | 3 Canonical, Debian, Libtiff | 3 Ubuntu Linux, Debian Linux, Libtiff | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp. | |||||
| CVE-2017-18298 | 1 Qualcomm | 52 Mdm9206, Mdm9206 Firmware, Mdm9607 and 49 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| Lack of Input Validation in SDMX API can lead to NULL pointer access in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660 . | |||||
| CVE-2018-19184 | 1 Ethereum | 1 Go Ethereum | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attackers to cause a denial of service (SEGV) via crafted bytecode. | |||||
| CVE-2018-19122 | 1 Mz-automation | 1 Libiec61850 | 2023-12-10 | 4.3 MEDIUM | 4.3 MEDIUM |
| An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c. | |||||
| CVE-2018-16428 | 2 Canonical, Gnome | 2 Ubuntu Linux, Glib | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference. | |||||
| CVE-2018-14853 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2023-12-10 | 3.3 LOW | 4.3 MEDIUM |
| A NULL pointer dereference in dhd_prot_txdata_write_flush in drivers/net/wireless/bcmdhd4358/dhd_msgbuf.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device to reboot. The Samsung ID is SVE-2018-11783. | |||||
| CVE-2018-19395 | 1 Php | 1 Php | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM("WScript.Shell"). | |||||
| CVE-2018-20191 | 3 Canonical, Fedoraproject, Qemu | 3 Ubuntu Linux, Fedora, Qemu | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference). | |||||
| CVE-2018-1000661 | 1 Jsish | 1 Jsish | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| jsish version 2.4.67 contains a CWE-476: NULL Pointer Dereference vulnerability in Jsi_LogMsg (jsiUtils.c:196) that can result in Crash due to segmentation fault. This attack appear to be exploitable via the victim executing specially crafted javascript code. This vulnerability appears to have been fixed in 2.4.69. | |||||
| CVE-2018-18883 | 1 Xen | 1 Xen | 2023-12-10 | 7.2 HIGH | 8.8 HIGH |
| An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service (NULL pointer dereference) or possibly have unspecified other impact because nested VT-x is not properly restricted. | |||||
| CVE-2017-3135 | 4 Debian, Isc, Netapp and 1 more | 10 Debian Linux, Bind, Data Ontap Edge and 7 more | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
| Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1. | |||||