Total
2396 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-16329 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c. | |||||
| CVE-2018-20199 | 2 Audiocoding, Debian | 2 Freeware Advanced Audio Decoder 2, Debian Linux | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the ONLY_LONG_SEQUENCE case. | |||||
| CVE-2018-1000800 | 1 Zephyrproject | 1 Zephyr | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| zephyr-rtos version 1.12.0 contains a NULL base pointer reference vulnerability in sys_ring_buf_put(), sys_ring_buf_get() that can result in CPU Page Fault (error code 0x00000010). This attack appear to be exploitable via a malicious application call the vulnerable kernel APIs (system sys_ring_buf_get() and sys_ring_buf_put). | |||||
| CVE-2018-19935 | 2 Debian, Php | 2 Debian Linux, Php | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function. | |||||
| CVE-2018-15858 | 2 Canonical, Xkbcommon | 3 Ubuntu Linux, Libxkbcommon, Xkbcommon | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file. | |||||
| CVE-2018-18606 | 3 Debian, Gnu, Netapp | 3 Debian Linux, Binutils, Data Ontap | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. | |||||
| CVE-2019-9113 | 1 Libming | 1 Ming | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
| Ming (aka libming) 0.4.8 has a NULL pointer dereference in the function getString() in the decompile.c file in libutil.a. | |||||
| CVE-2018-17282 | 1 Exiv2 | 1 Exiv2 | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference. | |||||
| CVE-2018-18318 | 1 Qiku | 2 360 Mobile Phone N6 Pro, 360 Mobile Phone N6 Pro Firmware | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
| The /dev/block/mmcblk0rpmb driver kernel module on Qiku 360 Phone N6 Pro 1801-A01 devices allows attackers to cause a denial of service (NULL pointer dereference and device crash) via a crafted 0xc0d8b300 ioctl call. | |||||
| CVE-2016-9572 | 2 Debian, Uclouvain | 2 Debian Linux, Openjpeg | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image. | |||||
| CVE-2018-18458 | 1 Xpdfreader | 1 Xpdf | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | |||||
| CVE-2019-8413 | 1 Mi | 2 Mi Mix 2, Mi Mix 2 Firmware | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
| On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer dereference in the ioctl interface of the device file /dev/elliptic1 or /dev/elliptic0 causes a system crash via IOCTL 0x4008c575 (aka decimal 1074316661). | |||||
| CVE-2018-18088 | 2 Debian, Uclouvain | 2 Debian Linux, Openjpeg | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c | |||||
| CVE-2018-7361 | 1 Zte | 2 Zxhn F670, Zxhn F670 Firmware | 2023-12-10 | 3.3 LOW | 6.5 MEDIUM |
| All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by null pointer dereference vulnerability, which may allows an attacker to cause a denial of service via appviahttp service. | |||||
| CVE-2018-18192 | 1 Linuxsampler | 1 Libgig | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in libgig 4.1.0. There is a NULL pointer dereference in the function DLS::File::GetFirstSample() in DLS.cpp. | |||||
| CVE-2018-16749 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file. | |||||
| CVE-2018-9190 | 1 Fortinet | 1 Forticlient | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
| A null pointer dereference vulnerability in Fortinet FortiClientWindows 6.0.2 and earlier allows attacker to cause a denial of service via the NDIS miniport driver. | |||||
| CVE-2017-2635 | 1 Redhat | 1 Libvirt | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could use this flaw to crash libvirtd daemon resulting in denial of service. | |||||
| CVE-2018-19211 | 1 Gnu | 1 Ncurses | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a "dubious character `*' in name or alias field" detection. | |||||
| CVE-2018-19720 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2023-12-10 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||