Total
2401 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-11637 | 1 Graphicsmagick | 1 Graphicsmagick | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images. | |||||
CVE-2017-16647 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 7.2 HIGH | 6.6 MEDIUM |
drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device. | |||||
CVE-2017-14624 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c. | |||||
CVE-2017-9608 | 1 Ffmpeg | 1 Ffmpeg | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted mov file. | |||||
CVE-2017-14977 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack. | |||||
CVE-2015-9054 | 1 Google | 1 Android | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced during GAL decoding. | |||||
CVE-2017-15921 | 1 Watchdogdevelopment | 2 Anti-malware, Online Security Pro | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002010. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated. | |||||
CVE-2017-14641 | 1 Bento4 | 1 Bento4 | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
A NULL pointer dereference was discovered in the AP4_DataAtom class in MetaData/Ap4MetaData.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service. | |||||
CVE-2017-4938 | 1 Vmware | 2 Fusion, Workstation | 2023-12-10 | 2.1 LOW | 6.5 MEDIUM |
VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a guest RPC NULL pointer dereference vulnerability. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs. | |||||
CVE-2017-11189 | 1 Rarzilla | 1 Unrar-free | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash), which could be relevant if unrarlib is used as library code for a long-running application. NOTE: one of the several test cases in the references may be the same as what was separately reported as CVE-2017-14121. | |||||
CVE-2017-9216 | 2 Artifex, Debian | 2 Jbig2dec, Debian Linux | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid file. | |||||
CVE-2017-0686 | 1 Google | 1 Android | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34231231. | |||||
CVE-2017-8820 | 2 Debian, Tor Project | 2 Debian Linux, Tor | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service (NULL pointer dereference and application crash) against directory authorities via a malformed descriptor, aka TROVE-2017-010. | |||||
CVE-2017-14121 | 2 Debian, Rarlab | 2 Debian Linux, Unrar | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The DecodeNumber function in unrarlib.c in unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a NULL pointer dereference flaw triggered by a crafted RAR archive. NOTE: this may be the same as one of the several test cases in the CVE-2017-11189 references. | |||||
CVE-2017-17997 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343. | |||||
CVE-2017-15955 | 2 Bchunk Project, Debian | 2 Bchunk, Debian Linux | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an "Access violation near NULL on destination operand" and crash when processing a malformed CUE (.cue) file. | |||||
CVE-2017-11124 | 1 Xar Project | 1 Xar | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c. | |||||
CVE-2017-7458 | 1 Ntop | 1 Ntopng | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng before 3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty field that should have contained a hostname or IP address. | |||||
CVE-2017-9503 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2023-12-10 | 1.9 LOW | 5.5 MEDIUM |
QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing. | |||||
CVE-2017-16359 | 1 Radare | 1 Radare2 | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c. |