Search
Total
733 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-9020 | 1 Google | 1 Android | 2017-07-08 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in the unlocking of memory. | |||||
| CVE-2015-9027 | 1 Google | 1 Android | 2017-07-08 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | |||||
| CVE-2015-9026 | 1 Google | 1 Android | 2017-07-08 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | |||||
| CVE-2014-9967 | 1 Google | 1 Android | 2017-07-08 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | |||||
| CVE-2017-7458 | 1 Ntop | 1 Ntopng | 2017-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng before 3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty field that should have contained a hostname or IP address. | |||||
| CVE-2016-5391 | 2 Fedoraproject, Libreswan | 2 Fedora, Libreswan | 2017-06-21 | 5.0 MEDIUM | 7.5 HIGH |
| libreswan before 3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto daemon restart). | |||||
| CVE-2014-7919 | 1 Google | 1 Android | 2017-06-15 | 5.0 MEDIUM | 7.5 HIGH |
| b/libs/gui/ISurfaceComposer.cpp in Android allows attackers to trigger a denial of service (null pointer dereference and process crash). | |||||
| CVE-2014-9943 | 1 Google | 1 Android | 2017-06-09 | 9.3 HIGH | 7.8 HIGH |
| In Core Kernel in all Android releases from CAF using the Linux kernel, a Null Pointer Dereference vulnerability could potentially exist. | |||||
| CVE-2014-9949 | 1 Google | 1 Android | 2017-06-08 | 9.3 HIGH | 7.8 HIGH |
| In TrustZone in all Android releases from CAF using the Linux kernel, an Untrusted Pointer Dereference vulnerability could potentially exist. | |||||
| CVE-2017-0351 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2017-06-05 | 7.2 HIGH | 7.8 HIGH |
| All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges. | |||||
| CVE-2017-0349 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2017-05-25 | 7.2 HIGH | 7.8 HIGH |
| All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is not correctly validated before it is dereferenced for a write operation, may lead to denial of service or potential escalation of privileges. | |||||
| CVE-2017-8825 | 1 Libetpan Project | 1 Libetpan | 2017-05-18 | 5.0 MEDIUM | 7.5 HIGH |
| A null dereference vulnerability has been found in the MIME handling component of LibEtPan before 1.8, as used in MailCore and MailCore 2. A crash can occur in low-level/imf/mailimf.c during a failed parse of a Cc header containing multiple e-mail addresses. | |||||
| CVE-2017-0348 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2017-05-17 | 7.2 HIGH | 7.8 HIGH |
| All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges. | |||||
| CVE-2017-0341 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2017-05-17 | 7.2 HIGH | 7.8 HIGH |
| All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where user provided input can trigger an access to a pointer that has not been initialized which may lead to denial of service or potential escalation of privileges. | |||||
| CVE-2016-10210 | 1 Virustotal | 1 Yara | 2017-05-02 | 5.0 MEDIUM | 7.5 HIGH |
| libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function. | |||||
| CVE-2016-6561 | 1 Illumos | 1 Illumos | 2017-05-02 | 7.8 HIGH | 7.5 HIGH |
| illumos smbsrv NULL pointer dereference allows system crash. | |||||
| CVE-2016-8723 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2017-04-20 | 7.8 HIGH | 7.5 HIGH |
| An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Any HTTP GET request not preceded by an '/' will cause a segmentation fault in the web server. An attacker can send any of a multitude of potentially unexpected HTTP get requests to trigger this vulnerability. | |||||
| CVE-2016-8726 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2017-04-20 | 7.8 HIGH | 7.5 HIGH |
| An exploitable null pointer dereference vulnerability exists in the Web Application /forms/web_runScript iw_filename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. An HTTP POST request with a blank line in the header will cause a segmentation fault in the web server. | |||||
| CVE-2017-6441 | 1 Php | 1 Php | 2017-04-10 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** The _zval_get_long_func_ex in Zend/zend_operators.c in PHP 7.1.2 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted use of "declare(ticks=" in a PHP script. NOTE: the vendor disputes the classification of this as a vulnerability, stating "Please do not request CVEs for ordinary bugs. CVEs are relevant for security issues only." | |||||
| CVE-2017-7243 | 1 Eclipse | 1 Tinydtls | 2017-03-31 | 5.0 MEDIUM | 7.5 HIGH |
| Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause a denial of service (DTLS peer crash) by sending a "Change cipher spec" packet without pre-handshake. | |||||
| CVE-2016-10129 | 1 Libgit2 Project | 1 Libgit2 | 2017-03-28 | 5.0 MEDIUM | 7.5 HIGH |
| The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line. | |||||
| CVE-2016-10132 | 2 Artifex, Fedoraproject | 2 Mujs, Fedora | 2017-03-27 | 5.0 MEDIUM | 7.5 HIGH |
| regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation. | |||||
| CVE-2016-9049 | 1 Aerospike | 1 Database Server | 2017-03-02 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a null pointer. An attacker can simply connect to a TCP port in order to trigger this vulnerability. | |||||
| CVE-2017-0323 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2017-02-23 | 7.2 HIGH | 7.8 HIGH |
| All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges. | |||||
| CVE-2017-0315 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2017-02-23 | 7.2 HIGH | 7.8 HIGH |
| All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an attempt to access an invalid object pointer may lead to denial of service or potential escalation of privileges. | |||||
| CVE-2017-0321 | 5 Freebsd, Linux, Microsoft and 2 more | 5 Freebsd, Linux Kernel, Windows and 2 more | 2017-02-23 | 7.2 HIGH | 8.8 HIGH |
| All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges. | |||||
| CVE-2016-4780 | 1 Apple | 1 Mac Os X | 2017-02-21 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "Thunderbolt" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. | |||||
| CVE-2016-6866 | 2 Fedoraproject, Suckless | 2 Fedora, Slock | 2017-02-17 | 5.0 MEDIUM | 7.5 HIGH |
| slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash. | |||||
| CVE-2016-8813 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2016-12-24 | 7.2 HIGH | 7.8 HIGH |
| All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, leading to denial of service or potential escalation of privileges. | |||||
| CVE-2016-8814 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2016-12-24 | 7.2 HIGH | 7.8 HIGH |
| All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, leading to denial of service or potential escalation of privileges. | |||||
| CVE-2016-9313 | 1 Linux | 1 Linux Kernel | 2016-11-30 | 9.3 HIGH | 7.8 HIGH |
| security/keys/big_key.c in the Linux kernel before 4.8.7 mishandles unsuccessful crypto registration in conjunction with successful key-type registration, which allows local users to cause a denial of service (NULL pointer dereference and panic) or possibly have unspecified other impact via a crafted application that uses the big_key data type. | |||||
| CVE-2016-9296 | 1 7-zip | 1 P7zip | 2016-11-29 | 5.0 MEDIUM | 7.5 HIGH |
| A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null pointer check for the variable folders.PackPositions in function CInArchive::ReadAndDecodePackedStreams in CPP/7zip/Archive/7z/7zIn.cpp, as used in the 7z.so library and in 7z applications, will cause a crash and a denial of service when decoding malformed 7z files. | |||||
| CVE-2016-7160 | 1 Samsung | 1 Samsung Mobile | 2016-11-28 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading to a SystemUI crash and device restart, aka SVE-2016-6248. | |||||