Total
2418 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-48416 | 1 Google | 1 Android | 2024-03-12 | N/A | 7.5 HIGH |
| In multiple locations, there is a possible null dereference due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-3354 | 3 Fedoraproject, Qemu, Redhat | 4 Fedora, Qemu, Enterprise Linux and 1 more | 2024-03-11 | N/A | 7.5 HIGH |
| A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service. | |||||
| CVE-2024-1443 | 2024-03-07 | N/A | 4.4 MEDIUM | ||
| MSI Afterburner v4.6.5.16370 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002000 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process. | |||||
| CVE-2020-13578 | 2 Fedoraproject, Genivia | 2 Fedora, Gsoap | 2024-03-01 | 5.0 MEDIUM | 7.5 HIGH |
| A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2020-13577 | 2 Fedoraproject, Genivia | 2 Fedora, Gsoap | 2024-03-01 | 5.0 MEDIUM | 7.5 HIGH |
| A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2020-13575 | 2 Fedoraproject, Genivia | 2 Fedora, Gsoap | 2024-03-01 | 5.0 MEDIUM | 7.5 HIGH |
| A denial-of-service vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2020-13574 | 2 Fedoraproject, Genivia | 2 Fedora, Gsoap | 2024-03-01 | 5.0 MEDIUM | 7.5 HIGH |
| A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2023-44347 | 2024-02-29 | N/A | 5.5 MEDIUM | ||
| Adobe InDesign versions ID18.5 (and earlier) and ID17.4.2 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-44341 | 2024-02-29 | N/A | 5.5 MEDIUM | ||
| Adobe InDesign versions ID18.5 (and earlier) and ID17.4.2 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-6247 | 2024-02-29 | N/A | N/A | ||
| The PKCS#7 parser in OpenVPN 3 Core Library versions through 3.8.3 did not properly validate the parsed data, which would result in the application crashing. | |||||
| CVE-2023-51394 | 2024-02-26 | N/A | 5.3 MEDIUM | ||
| High traffic environments may result in NULL Pointer Dereference vulnerability in Silicon Labs's Ember ZNet SDK before v7.4.0, causing a system crash. | |||||
| CVE-2024-26130 | 2024-02-22 | N/A | 7.5 HIGH | ||
| cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised. | |||||
| CVE-2023-29179 | 2024-02-22 | N/A | 6.5 MEDIUM | ||
| A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, Fortiproxy version 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 allows attacker to denial of service via specially crafted HTTP requests. | |||||
| CVE-2023-29180 | 2024-02-22 | N/A | 7.5 HIGH | ||
| A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.3, 7.0.0 through 7.0.10, 2.0.0 through 2.0.12, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to denial of service via specially crafted HTTP requests. | |||||
| CVE-2023-6397 | 2024-02-20 | N/A | 6.5 MEDIUM | ||
| A null pointer dereference vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1 and USG FLEX series firmware versions from 4.50 through 5.37 Patch 1 could allow a LAN-based attacker to cause denial-of-service (DoS) conditions by downloading a crafted RAR compressed file onto a LAN-side host if the firewall has the “Anti-Malware” feature enabled. | |||||
| CVE-2023-52371 | 2024-02-20 | N/A | N/A | ||
| Vulnerability of null references in the motor module.Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2023-49083 | 1 Cryptography Project | 1 Cryptography | 2024-02-17 | N/A | 7.5 HIGH |
| cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6. | |||||
| CVE-2002-0401 | 2 Debian, Ethereal | 2 Debian Linux, Ethereal | 2024-02-16 | 7.5 HIGH | 7.5 HIGH |
| SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer. | |||||
| CVE-2001-1559 | 1 Openbsd | 1 Openbsd | 2024-02-16 | 2.1 LOW | 5.5 MEDIUM |
| The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference. | |||||
| CVE-2004-0119 | 1 Microsoft | 3 Windows 2000, Windows Server 2003, Windows Xp | 2024-02-15 | 7.5 HIGH | 7.5 HIGH |
| The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenInit request during authentication protocol selection. | |||||