Total
2401 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-18883 | 1 Xen | 1 Xen | 2023-12-10 | 7.2 HIGH | 8.8 HIGH |
An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service (NULL pointer dereference) or possibly have unspecified other impact because nested VT-x is not properly restricted. | |||||
CVE-2017-3135 | 4 Debian, Isc, Netapp and 1 more | 10 Debian Linux, Bind, Data Ontap Edge and 7 more | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1. | |||||
CVE-2018-17893 | 1 Lcds | 1 Laquis Scada | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
LAquis SCADA Versions 4.1.0.3870 and prior has an untrusted pointer dereference vulnerability, which may allow remote code execution. | |||||
CVE-2018-8011 | 2 Apache, Netapp | 2 Http Server, Cloud Backup | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.33). | |||||
CVE-2018-19407 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized. | |||||
CVE-2019-6137 | 1 Mz-automation | 1 Lib60870 | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress in link_layer/link_layer.c has a NULL pointer dereference. | |||||
CVE-2018-20428 | 1 Libming | 1 Libming | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
libming 0.4.8 has a NULL pointer dereference in the strlenext function of the decompile.c file, a different vulnerability than CVE-2018-7874. | |||||
CVE-2018-19624 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference. | |||||
CVE-2019-6456 | 1 Gnu | 1 Recutils | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_fex_size() in the file rec-fex.c of librec.a. | |||||
CVE-2018-18937 | 1 Mz-automation | 1 Libiec61850 | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c. | |||||
CVE-2018-17154 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
In FreeBSD before 11.2-STABLE(r338987), 11.2-RELEASE-p4, and 11.1-RELEASE-p15, due to insufficient memory checking in the freebsd4_getfsstat system call, a NULL pointer dereference can occur. Unprivileged authenticated local users may be able to cause a denial of service. | |||||
CVE-2018-12014 | 1 Google | 1 Android | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Null pointer dereference vulnerability may occur due to missing NULL assignment in NAT module of freed pointer. | |||||
CVE-2018-19209 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the function find_label in asm/labels.c that will lead to a DoS attack. | |||||
CVE-2019-6445 | 1 Ntpsec | 1 Ntpsec | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem. | |||||
CVE-2019-7151 | 1 Webassembly | 1 Binaryen | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
A NULL pointer dereference was discovered in wasm::Module::getFunctionOrNull in wasm/wasm.cpp in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt. | |||||
CVE-2018-16517 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file. | |||||
CVE-2017-2575 | 1 Libbpg Project | 1 Libbpg | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
A vulnerability was found while fuzzing libbpg 0.9.7. It is a NULL pointer dereference issue due to missing check of the return value of function malloc in the BPG encoder. This vulnerability appeared while converting a malicious JPEG file to BPG. | |||||
CVE-2018-18459 | 1 Xpdfreader | 1 Xpdf | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | |||||
CVE-2017-2586 | 1 Netpbm Project | 1 Netpbm | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash. | |||||
CVE-2018-19149 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Poppler | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment. |