Vulnerabilities (CVE)

Filtered by CWE-476
Total 1792 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-9040 1 Gnu 1 Binutils 2017-09-19 4.3 MEDIUM 5.5 MEDIUM
GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt.
CVE-2017-14406 1 Mp3gain 1 Mp3gain 2017-09-18 4.3 MEDIUM 5.5 MEDIUM
A NULL pointer dereference was discovered in sync_buffer in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service.
CVE-2017-14181 1 Aacplusenc Project 1 Aacplusenc 2017-09-14 6.8 MEDIUM 7.8 HIGH
DeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc 0.17.5 allows remote attackers to cause a denial of service (invalid memory write, SEGV on unknown address 0x000000000030, and application crash) or possibly have unspecified other impact via a crafted .wav file, aka a NULL pointer dereference.
CVE-2017-12476 1 Bento4 1 Bento4 2017-09-07 4.3 MEDIUM 5.5 MEDIUM
The AP4_AvccAtom::InspectFields function in Core/Ap4AvccAtom.cpp in Bento4 mp4dump before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.
CVE-2017-12474 1 Bento4 1 Bento4 2017-09-07 4.3 MEDIUM 5.5 MEDIUM
The AP4_AtomSampleTable::GetSample function in Core/Ap4AtomSampleTable.cpp in Bento4 mp42ts before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.
CVE-2017-12952 1 Libgig0 1 Libgig 2017-09-06 4.3 MEDIUM 6.5 MEDIUM
The LoadString function in helper.h in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.
CVE-2017-14149 1 Embedthis 1 Goahead 2017-09-05 5.0 MEDIUM 7.5 HIGH
GoAhead 3.4.0 through 3.6.5 has a NULL Pointer Dereference in the websDecodeUrl function in http.c, leading to a crash for a "POST / HTTP/1.1" request.
CVE-2016-6504 1 Wireshark 1 Wireshark 2017-09-03 4.3 MEDIUM 5.9 MEDIUM
epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wireshark 1.12.x before 1.12.13 does not properly maintain a ptvc data structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
CVE-2017-13764 1 Wireshark 1 Wireshark 2017-09-03 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0, the Modbus dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/packet-mbtcp.c by adding length validation.
CVE-2017-10792 1 Gnu 1 Pspp 2017-09-02 4.3 MEDIUM 6.5 MEDIUM
There is a NULL Pointer Dereference in the function ll_insert() of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack.
CVE-2017-12920 1 Libfpx Project 1 Libfpx 2017-09-01 4.3 MEDIUM 6.5 MEDIUM
CDirectory::GetDirEntry in dir.cxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image.
CVE-2017-12921 1 Libfpx Project 1 Libfpx 2017-09-01 4.3 MEDIUM 6.5 MEDIUM
PFileFlashPixView::GetGlobalInfoProperty in f_fpxvw.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image.
CVE-2017-12922 1 Libfpx Project 1 Libfpx 2017-09-01 4.3 MEDIUM 6.5 MEDIUM
wchar.c in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image.
CVE-2017-12923 1 Libfpx Project 1 Libfpx 2017-09-01 4.3 MEDIUM 6.5 MEDIUM
OLEStream::WriteVT_LPSTR in olestrm.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image.
CVE-2017-13712 1 Lame Project 1 Lame 2017-09-01 5.0 MEDIUM 7.5 HIGH
NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument.
CVE-2016-4649 1 Apple 1 Mac Os X 2017-09-01 2.1 LOW 5.5 MEDIUM
Audio in Apple OS X before 10.11.6 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.
CVE-2016-4605 1 Apple 1 Iphone Os 2017-09-01 7.1 HIGH 6.5 MEDIUM
Calendar in Apple iOS before 9.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted invitation.
CVE-2015-7516 1 Onosproject 1 Onos 2017-08-30 7.8 HIGH 7.5 HIGH
ONOS before 1.5.0 when using the ifwd app allows remote attackers to cause a denial of service (NULL pointer dereference and switch disconnect) by sending two Ethernet frames with ether_type Jumbo Frame (0x8870).
CVE-2017-13710 1 Gnu 1 Binutils 2017-08-30 5.0 MEDIUM 7.5 HIGH
The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small.
CVE-2017-13686 1 Linux 1 Linux Kernel 2017-08-30 7.2 HIGH 7.8 HIGH
net/ipv4/route.c in the Linux kernel 4.13-rc1 through 4.13-rc6 is too late to check for a NULL fi field when RTM_F_FIB_MATCH is set, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via crafted system calls. NOTE: this does not affect any stable release.