Total
2357 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-10548 | 4 Canonical, Debian, Netapp and 1 more | 4 Ubuntu Linux, Debian Linux, Storage Automation Store and 1 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value. | |||||
CVE-2018-8043 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference). | |||||
CVE-2015-9134 | 1 Qualcomm | 12 Sd 410, Sd 410 Firmware, Sd 412 and 9 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, and SD 810, while processing QSEE Syscall 'qsee_macc_gen_ecc_privkey', untrusted pointer dereference occurs, which could result in arbitrary write. | |||||
CVE-2018-1095 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 7.1 HIGH | 5.5 MEDIUM |
The ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux kernel through 4.15.15 does not properly validate xattr sizes, which causes misinterpretation of a size as an error code, and consequently allows attackers to cause a denial of service (get_acl NULL pointer dereference and system crash) via a crafted ext4 image. | |||||
CVE-2018-10373 | 2 Gnu, Redhat | 4 Binutils, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by nm-new. | |||||
CVE-2018-10773 | 1 Bibutils Project | 1 Bibutils | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
NULL pointer deference in the addsn function in serialno.c in libbibcore.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by copac2xml. | |||||
CVE-2018-9151 | 1 Kingsoft | 1 Internet Security 9 Plus | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
A NULL pointer dereference bug in the function ObReferenceObjectByHandle in the Kingsoft Internet Security 9+ kernel driver KWatch3.sys allows local non-privileged users to crash the system via IOCTL 0x80030030. | |||||
CVE-2018-6319 | 1 Sophos | 1 Sophos Tester | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
In Sophos Tester Tool 3.2.0.7 Beta, the driver accepts a special DeviceIoControl code that doesn't check its argument. This argument is a memory address: if a caller passes a NULL pointer or a random invalid address, the driver will cause a Blue Screen of Death. If a program or malware does this at boot time, it can cause a persistent denial of service on the machine. | |||||
CVE-2018-11202 | 1 Hdfgroup | 1 Hdf5 | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack. | |||||
CVE-2017-18216 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used. | |||||
CVE-2017-18199 | 1 Gnu | 1 Libcdio | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file. | |||||
CVE-2018-7998 | 2 Debian, Libvips | 2 Debian Linux, Libvips | 2023-12-10 | 5.1 MEDIUM | 7.5 HIGH |
In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. This occurs because of a race condition involving a failed delayed load and other worker threads. | |||||
CVE-2017-14435 | 1 Moxa | 2 Edr-810, Edr-810 Firmware | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA\_CFG.ini" without a cookie header to trigger this vulnerability. | |||||
CVE-2018-10775 | 1 Bibutils Project | 1 Bibutils | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
NULL pointer dereference in the _fields_add function in fields.c in libbibcore.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by end2xml. | |||||
CVE-2017-18209 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory. | |||||
CVE-2018-13440 | 2 Audio File Library Project, Canonical | 2 Audio File Library, Ubuntu Linux | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert. | |||||
CVE-2018-12928 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem. | |||||
CVE-2018-12648 | 1 Exempi Project | 1 Exempi | 2023-12-10 | 4.3 MEDIUM | 7.5 HIGH |
The WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a NULL pointer dereference. | |||||
CVE-2018-10945 | 1 Cesanta | 1 Mongoose | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash, or NULL pointer dereference) via an HTTP request, related to the mbuf_insert function. | |||||
CVE-2018-6250 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2023-12-10 | 7.2 HIGH | 8.8 HIGH |
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference occurs which may lead to denial of service or possible escalation of privileges. |