Vulnerabilities (CVE)

Filtered by CWE-476
Total 2357 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-17050 1 Tgsoft 1 Vir.it Explorer 2023-12-10 4.6 MEDIUM 7.8 HIGH
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730020 DeviceIoControl request to \\.\Viragtlt.
CVE-2017-17699 1 K7computing 1 Antivirus 2023-12-10 7.5 HIGH 9.8 CRITICAL
K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025ac DeviceIoControl request.
CVE-2017-13712 1 Lame Project 1 Lame 2023-12-10 5.0 MEDIUM 7.5 HIGH
NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument.
CVE-2017-14318 1 Xen 1 Xen 2023-12-10 4.9 MEDIUM 6.5 MEDIUM
An issue was discovered in Xen 4.5.x through 4.9.x. The function `__gnttab_cache_flush` handles GNTTABOP_cache_flush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table is checked to see if a grant mapping to the calling domain exists for the page in question. However, the function does not check to see if the owning domain actually has a grant table or not. Some special domains, such as `DOMID_XEN`, `DOMID_IO` and `DOMID_COW` are created without grant tables. Hence, if __gnttab_cache_flush operates on a page owned by these special domains, it will attempt to dereference a NULL pointer in the domain struct.
CVE-2015-9020 1 Google 1 Android 2023-12-10 9.3 HIGH 7.8 HIGH
In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in the unlocking of memory.
CVE-2017-1000471 1 Embedthis 1 Goahead 2023-12-10 7.5 HIGH 9.8 CRITICAL
EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL pointer dereference in the CGI handler resulting in memory corruption or denial of service.
CVE-2017-15015 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2023-12-10 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.
CVE-2017-12781 1 Matroska 3 Libebml2, Mkclean, Mkvalidator 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
The EBML_BufferToID function in ebmlelement.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.
CVE-2018-5710 1 Mit 1 Kerberos 2023-12-10 4.0 MEDIUM 6.5 MEDIUM
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.
CVE-2017-18005 2 Debian, Exiv2 2 Debian Linux, Exiv2 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in value.cpp, related to crafted metadata in a TIFF file.
CVE-2017-17113 1 Ikarussecurity 1 Anti.virus 2023-12-10 2.1 LOW 5.5 MEDIUM
ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a NULL pointer dereference via a 0x830000c4 DeviceIoControl request.
CVE-2017-15565 2 Debian, Freedesktop 2 Debian Linux, Poppler 2023-12-10 6.8 MEDIUM 8.8 HIGH
In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document.
CVE-2017-12809 2 Debian, Qemu 2 Debian Linux, Qemu 2023-12-10 2.1 LOW 6.5 MEDIUM
QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive.
CVE-2017-14638 1 Bento4 1 Bento4 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp in Bento4 version 1.5.0-617 has missing NULL checks, leading to a NULL pointer dereference, segmentation fault, and application crash in AP4_Atom::SetType in Core/Ap4Atom.h.
CVE-2017-12193 1 Linux 1 Linux Kernel 2023-12-10 4.9 MEDIUM 5.5 MEDIUM
The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations.
CVE-2017-14974 1 Gnu 1 Binutils 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c.
CVE-2017-11522 1 Imagemagick 1 Imagemagick 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-12803 1 Matroska 1 Mkclean 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
The Node_ValidatePtr function in corec/corec/node/node.c in mkclean 0.8.9 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
CVE-2017-9470 1 Ytnef Project 1 Ytnef 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
CVE-2017-17554 1 Aubio 1 Aubio 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file.