Vulnerabilities (CVE)

Filtered by CWE-476
Total 2357 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-10548 4 Canonical, Debian, Netapp and 1 more 4 Ubuntu Linux, Debian Linux, Storage Automation Store and 1 more 2023-12-10 5.0 MEDIUM 7.5 HIGH
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.
CVE-2018-8043 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2023-12-10 2.1 LOW 5.5 MEDIUM
The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference).
CVE-2015-9134 1 Qualcomm 12 Sd 410, Sd 410 Firmware, Sd 412 and 9 more 2023-12-10 5.0 MEDIUM 7.5 HIGH
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, and SD 810, while processing QSEE Syscall 'qsee_macc_gen_ecc_privkey', untrusted pointer dereference occurs, which could result in arbitrary write.
CVE-2018-1095 1 Linux 1 Linux Kernel 2023-12-10 7.1 HIGH 5.5 MEDIUM
The ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux kernel through 4.15.15 does not properly validate xattr sizes, which causes misinterpretation of a size as an error code, and consequently allows attackers to cause a denial of service (get_acl NULL pointer dereference and system crash) via a crafted ext4 image.
CVE-2018-10373 2 Gnu, Redhat 4 Binutils, Enterprise Linux Desktop, Enterprise Linux Server and 1 more 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by nm-new.
CVE-2018-10773 1 Bibutils Project 1 Bibutils 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
NULL pointer deference in the addsn function in serialno.c in libbibcore.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by copac2xml.
CVE-2018-9151 1 Kingsoft 1 Internet Security 9 Plus 2023-12-10 4.9 MEDIUM 5.5 MEDIUM
A NULL pointer dereference bug in the function ObReferenceObjectByHandle in the Kingsoft Internet Security 9+ kernel driver KWatch3.sys allows local non-privileged users to crash the system via IOCTL 0x80030030.
CVE-2018-6319 1 Sophos 1 Sophos Tester 2023-12-10 4.9 MEDIUM 5.5 MEDIUM
In Sophos Tester Tool 3.2.0.7 Beta, the driver accepts a special DeviceIoControl code that doesn't check its argument. This argument is a memory address: if a caller passes a NULL pointer or a random invalid address, the driver will cause a Blue Screen of Death. If a program or malware does this at boot time, it can cause a persistent denial of service on the machine.
CVE-2018-11202 1 Hdfgroup 1 Hdf5 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
CVE-2017-18216 1 Linux 1 Linux Kernel 2023-12-10 2.1 LOW 5.5 MEDIUM
In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used.
CVE-2017-18199 1 Gnu 1 Libcdio 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.
CVE-2018-7998 2 Debian, Libvips 2 Debian Linux, Libvips 2023-12-10 5.1 MEDIUM 7.5 HIGH
In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. This occurs because of a race condition involving a failed delayed load and other worker threads.
CVE-2017-14435 1 Moxa 2 Edr-810, Edr-810 Firmware 2023-12-10 5.0 MEDIUM 7.5 HIGH
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA\_CFG.ini" without a cookie header to trigger this vulnerability.
CVE-2018-10775 1 Bibutils Project 1 Bibutils 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
NULL pointer dereference in the _fields_add function in fields.c in libbibcore.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by end2xml.
CVE-2017-18209 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2023-12-10 6.8 MEDIUM 8.8 HIGH
In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.
CVE-2018-13440 2 Audio File Library Project, Canonical 2 Audio File Library, Ubuntu Linux 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert.
CVE-2018-12928 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2023-12-10 4.9 MEDIUM 5.5 MEDIUM
In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
CVE-2018-12648 1 Exempi Project 1 Exempi 2023-12-10 4.3 MEDIUM 7.5 HIGH
The WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a NULL pointer dereference.
CVE-2018-10945 1 Cesanta 1 Mongoose 2023-12-10 5.0 MEDIUM 7.5 HIGH
The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash, or NULL pointer dereference) via an HTTP request, related to the mbuf_insert function.
CVE-2018-6250 2 Microsoft, Nvidia 2 Windows, Gpu Driver 2023-12-10 7.2 HIGH 8.8 HIGH
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference occurs which may lead to denial of service or possible escalation of privileges.