Total
2357 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-17050 | 1 Tgsoft | 1 Vir.it Explorer | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730020 DeviceIoControl request to \\.\Viragtlt. | |||||
CVE-2017-17699 | 1 K7computing | 1 Antivirus | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025ac DeviceIoControl request. | |||||
CVE-2017-13712 | 1 Lame Project | 1 Lame | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument. | |||||
CVE-2017-14318 | 1 Xen | 1 Xen | 2023-12-10 | 4.9 MEDIUM | 6.5 MEDIUM |
An issue was discovered in Xen 4.5.x through 4.9.x. The function `__gnttab_cache_flush` handles GNTTABOP_cache_flush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table is checked to see if a grant mapping to the calling domain exists for the page in question. However, the function does not check to see if the owning domain actually has a grant table or not. Some special domains, such as `DOMID_XEN`, `DOMID_IO` and `DOMID_COW` are created without grant tables. Hence, if __gnttab_cache_flush operates on a page owned by these special domains, it will attempt to dereference a NULL pointer in the domain struct. | |||||
CVE-2015-9020 | 1 Google | 1 Android | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in the unlocking of memory. | |||||
CVE-2017-1000471 | 1 Embedthis | 1 Goahead | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL pointer dereference in the CGI handler resulting in memory corruption or denial of service. | |||||
CVE-2017-15015 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c. | |||||
CVE-2017-12781 | 1 Matroska | 3 Libebml2, Mkclean, Mkvalidator | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
The EBML_BufferToID function in ebmlelement.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file. | |||||
CVE-2018-5710 | 1 Mit | 1 Kerberos | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client. | |||||
CVE-2017-18005 | 2 Debian, Exiv2 | 2 Debian Linux, Exiv2 | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in value.cpp, related to crafted metadata in a TIFF file. | |||||
CVE-2017-17113 | 1 Ikarussecurity | 1 Anti.virus | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a NULL pointer dereference via a 0x830000c4 DeviceIoControl request. | |||||
CVE-2017-15565 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document. | |||||
CVE-2017-12809 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2023-12-10 | 2.1 LOW | 6.5 MEDIUM |
QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive. | |||||
CVE-2017-14638 | 1 Bento4 | 1 Bento4 | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp in Bento4 version 1.5.0-617 has missing NULL checks, leading to a NULL pointer dereference, segmentation fault, and application crash in AP4_Atom::SetType in Core/Ap4Atom.h. | |||||
CVE-2017-12193 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations. | |||||
CVE-2017-14974 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. | |||||
CVE-2017-11522 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | |||||
CVE-2017-12803 | 1 Matroska | 1 Mkclean | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
The Node_ValidatePtr function in corec/corec/node/node.c in mkclean 0.8.9 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. | |||||
CVE-2017-9470 | 1 Ytnef Project | 1 Ytnef | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. | |||||
CVE-2017-17554 | 1 Aubio | 1 Aubio | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file. |