Search
Total
1933 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-15221 | 5 Canonical, Debian, Linux and 2 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2023-11-09 | 4.9 MEDIUM | 4.6 MEDIUM |
| An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver. | |||||
| CVE-2019-15219 | 5 Canonical, Debian, Linux and 2 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2023-11-09 | 4.9 MEDIUM | 4.6 MEDIUM |
| An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver. | |||||
| CVE-2023-28466 | 3 Debian, Linux, Netapp | 7 Debian Linux, Linux Kernel, H300s and 4 more | 2023-11-09 | N/A | 7.0 HIGH |
| do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference). | |||||
| CVE-2023-36199 | 1 Skale | 1 Sgxwallet | 2023-08-29 | N/A | 7.5 HIGH |
| An issue in skalenetwork sgxwallet v.1.9.0 and below allows an attacker to cause a denial of service via the trustedGenerateEcdsaKey component. | |||||
| CVE-2022-47022 | 1 Open-mpi | 1 Hwloc | 2023-08-28 | N/A | 9.8 CRITICAL |
| An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c. | |||||
| CVE-2023-38665 | 1 Nasm | 1 Netwide Assembler | 2023-08-26 | N/A | 5.5 MEDIUM |
| Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to cause a denial of service (crash). | |||||
| CVE-2022-36648 | 1 Qemu | 1 Qemu | 2023-08-26 | N/A | 10.0 CRITICAL |
| The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. | |||||
| CVE-2020-18378 | 1 Webassembly | 1 Binaryen | 2023-08-25 | N/A | 6.5 MEDIUM |
| A NULL pointer dereference was discovered in SExpressionWasmBuilder::makeBlock in wasm/wasm-s-parser.c in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-as. | |||||
| CVE-2021-40266 | 1 Freeimage Project | 1 Freeimage | 2023-08-25 | N/A | 6.5 MEDIUM |
| FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerabile to null pointer dereference. | |||||
| CVE-2021-40264 | 1 Freeimage Project | 1 Freeimage | 2023-08-25 | N/A | 6.5 MEDIUM |
| NULL pointer dereference vulnerability in FreeImage before 1.18.0 via the FreeImage_CloneTag function inFreeImageTag.cpp. | |||||
| CVE-2022-28070 | 1 Radare | 1 Radare2 | 2023-08-24 | N/A | 7.5 HIGH |
| A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0. | |||||
| CVE-2023-4385 | 1 Linux | 1 Linux Kernel | 2023-08-22 | N/A | 5.5 MEDIUM |
| A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This issue may allow a local attacker to crash the system due to a missing sanity check. | |||||
| CVE-2023-3338 | 1 Linux | 1 Linux Kernel | 2023-08-19 | N/A | 6.5 MEDIUM |
| A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. This issue could allow a remote user to crash the system. | |||||
| CVE-2023-2898 | 1 Linux | 1 Linux Kernel | 2023-08-19 | N/A | 4.7 MEDIUM |
| There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem. | |||||
| CVE-2021-3236 | 1 Vim | 1 Vim | 2023-08-18 | N/A | 5.5 MEDIUM |
| vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method. | |||||
| CVE-2021-34122 | 1 Rockcarry | 1 Ffjpeg | 2023-08-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference. | |||||
| CVE-2019-16350 | 1 Rockcarry | 1 Ffjpeg | 2023-08-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| ffjpeg before 2019-08-18 has a NULL pointer dereference in idct2d8x8() at dct.c. | |||||
| CVE-2019-19887 | 1 Rockcarry | 1 Ffjpeg | 2023-08-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| bitstr_tell at bitstr.c in ffjpeg through 2019-08-21 has a NULL pointer dereference related to jfif_encode. | |||||
| CVE-2021-45385 | 1 Rockcarry | 1 Ffjpeg | 2023-08-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 (2021-12-06) in bmp_load(). When the size information in metadata of the bmp is out of range, it returns without assign memory buffer to `pb->pdata` and did not exit the program. So the program crashes when it tries to access the pb->data, in jfif_encode() at jfif.c:763. This is due to the incomplete patch for CVE-2020-13438. | |||||
| CVE-2019-16351 | 1 Rockcarry | 1 Ffjpeg | 2023-08-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c. | |||||
| CVE-2023-39397 | 1 Huawei | 2 Emui, Harmonyos | 2023-08-17 | N/A | 7.5 HIGH |
| Input parameter verification vulnerability in the communication system. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2020-36024 | 1 Freedesktop | 1 Poppler | 2023-08-17 | N/A | 5.5 MEDIUM |
| An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function. | |||||
| CVE-2020-24187 | 1 Jerryscript | 1 Jerryscript | 2023-08-16 | N/A | 5.5 MEDIUM |
| An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service (DoS) (Null Pointer Dereference). | |||||
| CVE-2020-36138 | 1 Ffmpeg | 1 Ffmpeg | 2023-08-16 | N/A | 7.5 HIGH |
| An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS). | |||||
| CVE-2022-35087 | 1 Swftools | 1 Swftools | 2023-08-08 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /src/gif2swf.c. | |||||
| CVE-2022-36153 | 1 Monostream | 1 Tifig | 2023-08-08 | N/A | 5.5 MEDIUM |
| tifig v0.2.2 was discovered to contain a segmentation violation via std::vector<unsigned int, std::allocator<unsigned int> >::size() const at /bits/stl_vector.h. | |||||
| CVE-2022-38307 | 1 Lief-project | 1 Lief | 2023-08-08 | N/A | 5.5 MEDIUM |
| LIEF commit 5d1d643 was discovered to contain a segmentation violation via the function LIEF::MachO::SegmentCommand::file_offset() at /MachO/SegmentCommand.cpp. | |||||
| CVE-2022-47360 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-08-08 | N/A | 5.5 MEDIUM |
| In log service, there is a missing permission check. This could lead to local denial of service in log service. | |||||
| CVE-2021-38567 | 2 Foxit, Foxitsoftware | 2 Pdf Reader, Pdf Editor | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit PDF Editor before 11.0.1 and PDF Reader before 11.0.1 on macOS. It mishandles missing dictionary entries, leading to a NULL pointer dereference, aka CNVD-C-2021-95204. | |||||
| CVE-2022-47359 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-08-08 | N/A | 5.5 MEDIUM |
| In log service, there is a missing permission check. This could lead to local denial of service in log service. | |||||
| CVE-2022-36151 | 1 Monostream | 1 Tifig | 2023-08-08 | N/A | 5.5 MEDIUM |
| tifig v0.2.2 was discovered to contain a segmentation violation via getType() at /common/bbox.cpp. | |||||
| CVE-2022-38497 | 1 Lief-project | 1 Lief | 2023-08-08 | N/A | 5.5 MEDIUM |
| LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69. | |||||
| CVE-2022-42928 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2023-08-08 | N/A | 8.8 HIGH |
| Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 102.4, Firefox ESR < 102.4, and Firefox < 106. | |||||
| CVE-2022-0582 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2022-35484 | 1 Otfcc Project | 1 Otfcc | 2023-08-08 | N/A | 6.5 MEDIUM |
| OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6b6a8f. | |||||
| CVE-2022-35108 | 1 Swftools | 1 Swftools | 2023-08-08 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a segmentation violation via DCTStream::getChar() at /xpdf/Stream.cc. | |||||
| CVE-2022-41595 | 1 Huawei | 2 Emui, Harmonyos | 2023-08-08 | N/A | 3.4 LOW |
| The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | |||||
| CVE-2023-29984 | 3 Brother, Fujifilm, Toshibatec | 432 Dcp-1610w, Dcp-1610w Firmware, Dcp-1610we and 429 more | 2023-08-07 | N/A | 7.5 HIGH |
| Null pointer dereference vulnerability exists in multiple vendors MFPs and printers which implement Debut web server 1.2 or 1.3. Processing a specially crafted request may lead an affected product to a denial-of-service (DoS) condition. As for the affected products/models/versions, see the detailed information provided by each vendor. | |||||
| CVE-2022-1671 | 2 Linux, Netapp | 11 Linux Kernel, H300s, H300s Firmware and 8 more | 2023-08-04 | N/A | 7.1 HIGH |
| A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information. | |||||
| CVE-2022-3202 | 2 Linux, Netapp | 11 Linux Kernel, H300s, H300s Firmware and 8 more | 2023-08-04 | N/A | 7.1 HIGH |
| A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information. | |||||
| CVE-2022-41858 | 2 Linux, Netapp | 2 Linux Kernel, Hci Baseboard Management Controller | 2023-08-04 | N/A | 7.1 HIGH |
| A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. | |||||
| CVE-2023-1583 | 1 Linux | 1 Linux Kernel | 2023-08-02 | N/A | 5.5 MEDIUM |
| A NULL pointer dereference was found in io_file_bitmap_get in io_uring/filetable.c in the io_uring sub-component in the Linux Kernel. When fixed files are unregistered, some context information (file_alloc_{start,end} and alloc_hint) is not cleared. A subsequent request that has auto index selection enabled via IORING_FILE_INDEX_ALLOC can cause a NULL pointer dereference. An unprivileged user can use the flaw to cause a system crash. | |||||
| CVE-2023-2953 | 4 Apple, Netapp, Openldap and 1 more | 16 Macos, Active Iq Unified Manager, Clustered Data Ontap and 13 more | 2023-08-02 | N/A | 7.5 HIGH |
| A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function. | |||||
| CVE-2023-3355 | 1 Linux | 1 Linux Kernel | 2023-08-02 | N/A | 5.5 MEDIUM |
| A NULL pointer dereference flaw was found in the Linux kernel's drivers/gpu/drm/msm/msm_gem_submit.c code in the submit_lookup_cmds function, which fails because it lacks a check of the return value of kmalloc(). This issue allows a local user to crash the system. | |||||
| CVE-2023-2908 | 1 Libtiff | 1 Libtiff | 2023-08-02 | N/A | 5.5 MEDIUM |
| A null pointer dereference issue was found in Libtiff's tif_dir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial of service. | |||||
| CVE-2023-37732 | 1 Yasm Project | 1 Yasm | 2023-08-02 | N/A | 5.5 MEDIUM |
| Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file. | |||||
| CVE-2023-3316 | 1 Libtiff | 1 Libtiff | 2023-08-01 | N/A | 6.5 MEDIUM |
| A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones. | |||||
| CVE-2023-38670 | 1 Paddlepaddle | 1 Paddlepaddle | 2023-07-31 | N/A | 7.5 HIGH |
| Null pointer dereference in paddle.flip in PaddlePaddle before 2.5.0. This resulted in a runtime crash and denial of service. | |||||
| CVE-2020-35499 | 1 Linux | 1 Linux Kernel | 2023-07-28 | 7.2 HIGH | 6.7 MEDIUM |
| A NULL pointer dereference flaw in Linux kernel versions prior to 5.11 may be seen if sco_sock_getsockopt function in net/bluetooth/sco.c do not have a sanity check for a socket connection, when using BT_SNDMTU/BT_RCVMTU for SCO sockets. This could allow a local attacker with a special user privilege to crash the system (DOS) or leak kernel internal information. | |||||
| CVE-2022-3563 | 1 Bluez | 1 Bluez | 2023-07-27 | N/A | 5.7 MEDIUM |
| A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function read_50_controller_cap_complete of the file tools/mgmt-tester.c of the component BlueZ. The manipulation of the argument cap_len leads to null pointer dereference. It is recommended to apply a patch to fix this issue. VDB-211086 is the identifier assigned to this vulnerability. | |||||