Search
Total
1933 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-9746 | 1 Webmproject | 1 Libwebm | 2019-03-14 | 5.0 MEDIUM | 7.5 HIGH |
| In libwebm before 2019-03-08, a NULL pointer dereference caused by the functions OutputCluster and OutputTracks in webm_info.cc will trigger an abort, which allows a DoS attack, a similar issue to CVE-2018-19212. | |||||
| CVE-2017-6178 | 1 Usbpcap Project | 1 Usbpcap | 2019-03-13 | 4.6 MEDIUM | 7.8 HIGH |
| The IofCallDriver function in USBPcap 1.1.0.0 allows local users to gain privileges via a crafted 0x00090028 IOCTL call, which triggers a NULL pointer dereference. | |||||
| CVE-2018-0833 | 1 Microsoft | 3 Windows 8.1, Windows Rt 8.1, Windows Server 2012 | 2019-03-13 | 6.3 MEDIUM | 5.3 MEDIUM |
| The Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client in Windows 8.1 and RT 8.1 and Windows Server 2012 R2 allows a denial of service vulnerability due to how specially crafted requests are handled, aka "SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability". | |||||
| CVE-2016-4777 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-03-13 | 9.3 HIGH | 7.8 HIGH |
| The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (invalid pointer dereference) via a crafted app. | |||||
| CVE-2017-6497 | 1 Imagemagick | 1 Imagemagick | 2019-03-13 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS). | |||||
| CVE-2017-6501 | 1 Imagemagick | 1 Imagemagick | 2019-03-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference. | |||||
| CVE-2018-5206 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2019-03-12 | 7.5 HIGH | 9.8 CRITICAL |
| When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer. | |||||
| CVE-2018-11694 | 1 Sass-lang | 1 Libsass | 2019-03-11 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. | |||||
| CVE-2018-11696 | 1 Sass-lang | 1 Libsass | 2019-03-11 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. | |||||
| CVE-2019-9589 | 1 Glyphandcog | 1 Xpdfreader | 2019-03-06 | 6.8 MEDIUM | 7.8 HIGH |
| There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
| CVE-2018-7548 | 2 Canonical, Zsh | 2 Ubuntu Linux, Zsh | 2019-03-05 | 7.5 HIGH | 9.8 CRITICAL |
| In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using ${(PA)...} on an empty array result. | |||||
| CVE-2018-8043 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2019-03-04 | 2.1 LOW | 5.5 MEDIUM |
| The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference). | |||||
| CVE-2018-7872 | 2 Debian, Libming | 2 Debian Linux, Libming | 2019-03-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| An invalid memory address dereference was discovered in the function getName in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | |||||
| CVE-2018-7870 | 2 Debian, Libming | 2 Debian Linux, Libming | 2019-03-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| An invalid memory address dereference was discovered in getString in util/decompile.c in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | |||||
| CVE-2018-6116 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2019-03-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | |||||
| CVE-2017-17997 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2019-03-01 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343. | |||||
| CVE-2018-7050 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2019-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A NULL pointer dereference occurs for an "empty" nick. | |||||
| CVE-2018-7052 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2019-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. When the number of windows exceeds the available space, a crash due to a NULL pointer dereference would occur. | |||||
| CVE-2019-9031 | 1 Matio Project | 1 Matio | 2019-02-27 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a NULL pointer dereference in the function Mat_VarFree() in mat.c. | |||||
| CVE-2019-9113 | 1 Libming | 1 Ming | 2019-02-25 | 6.8 MEDIUM | 8.8 HIGH |
| Ming (aka libming) 0.4.8 has a NULL pointer dereference in the function getString() in the decompile.c file in libutil.a. | |||||
| CVE-2019-8413 | 1 Xiaomi | 2 Mi Mix 2, Mi Mix 2 Firmware | 2019-02-20 | 4.9 MEDIUM | 5.5 MEDIUM |
| On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer dereference in the ioctl interface of the device file /dev/elliptic1 or /dev/elliptic0 causes a system crash via IOCTL 0x4008c575 (aka decimal 1074316661). | |||||
| CVE-2019-8382 | 1 Axiosys | 1 Bento4 | 2019-02-19 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in the function AP4_List:Find located in Core/Ap4List.h when called from Core/Ap4Movie.cpp. It can be triggered by sending a crafted file to the mp4dump binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
| CVE-2019-8380 | 1 Axiosys | 1 Bento4 | 2019-02-19 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in AP4_Track::GetSampleIndexForTimeStampMs() located in Core/Ap4Track.cpp. It can triggered by sending a crafted file to the mp4audioclip binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
| CVE-2019-5914 | 1 Nttdocomo | 2 V20 Pro L-01j, V20 Pro L-01j Firmware | 2019-02-15 | 5.7 MEDIUM | 5.3 MEDIUM |
| V20 PRO L-01J software version L01J20c and L01J20d has a NULL pointer exception flaw that can be used by an attacker to cause the device to crash on the same network range via a specially crafted access point. | |||||
| CVE-2018-20751 | 1 Podofo Project | 1 Podofo | 2019-02-08 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, which causes a NULL pointer dereference. | |||||
| CVE-2018-7262 | 2 Fedoraproject, Redhat | 2 Fedora, Ceph | 2019-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc RGWCivetWeb::init_env function in radosgw doesn't handle malformed HTTP headers properly, allowing for denial of service. | |||||
| CVE-2019-7233 | 1 Libdoc Project | 1 Libdoc | 2019-02-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer dereference. | |||||
| CVE-2019-6137 | 1 Mz-automation | 1 Lib60870 | 2019-01-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress in link_layer/link_layer.c has a NULL pointer dereference. | |||||
| CVE-2018-18883 | 1 Xen | 1 Xen | 2019-01-24 | 7.2 HIGH | 8.8 HIGH |
| An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service (NULL pointer dereference) or possibly have unspecified other impact because nested VT-x is not properly restricted. | |||||
| CVE-2016-9311 | 1 Ntp | 1 Ntp | 2019-01-24 | 7.1 HIGH | 5.9 MEDIUM |
| ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet. | |||||
| CVE-2018-18318 | 1 Qiku | 2 360 Mobile Phone N6 Pro, 360 Mobile Phone N6 Pro Firmware | 2019-01-23 | 7.8 HIGH | 7.5 HIGH |
| The /dev/block/mmcblk0rpmb driver kernel module on Qiku 360 Phone N6 Pro 1801-A01 devices allows attackers to cause a denial of service (NULL pointer dereference and device crash) via a crafted 0xc0d8b300 ioctl call. | |||||
| CVE-2019-6445 | 1 Ntpsec | 1 Ntpsec | 2019-01-22 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem. | |||||
| CVE-2017-18079 | 1 Linux | 1 Linux Kernel | 2019-01-19 | 7.2 HIGH | 7.8 HIGH |
| drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated. | |||||
| CVE-2018-17127 | 1 Asus | 2 Gt-ac5300, Gt-ac5300 Firmware | 2019-01-18 | 7.8 HIGH | 7.5 HIGH |
| blocking_request.cgi on ASUS GT-AC5300 devices through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (NULL pointer dereference and device crash) via a request that lacks a timestap parameter. | |||||
| CVE-2017-14517 | 1 Freedesktop | 1 Poppler | 2019-01-18 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Poppler 0.59.0, a NULL Pointer Dereference exists in the XRef::parseEntry() function in XRef.cc via a crafted PDF document. | |||||
| CVE-2019-6456 | 1 Gnu | 1 Recutils | 2019-01-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_fex_size() in the file rec-fex.c of librec.a. | |||||
| CVE-2019-6460 | 1 Gnu | 1 Recutils | 2019-01-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_field_set_name() in the file rec-field.c in librec.a. | |||||
| CVE-2019-5006 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2019-01-15 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is a NULL pointer dereference during PDF parsing. | |||||
| CVE-2019-5007 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2019-01-15 | 5.8 MEDIUM | 7.1 HIGH |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is an Out-of-Bounds Read Information Disclosure and crash due to a NULL pointer dereference when reading TIFF data during TIFF parsing. | |||||
| CVE-2017-2647 | 1 Linux | 1 Linux Kernel | 2019-01-15 | 7.2 HIGH | 7.8 HIGH |
| The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c. | |||||
| CVE-2018-20431 | 2 Debian, Gnu | 2 Debian Linux, Libextractor | 2019-01-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c. | |||||
| CVE-2018-14853 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2019-01-08 | 3.3 LOW | 4.3 MEDIUM |
| A NULL pointer dereference in dhd_prot_txdata_write_flush in drivers/net/wireless/bcmdhd4358/dhd_msgbuf.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device to reboot. The Samsung ID is SVE-2018-11783. | |||||
| CVE-2018-20427 | 1 Libming | 1 Libming | 2019-01-04 | 6.8 MEDIUM | 8.8 HIGH |
| libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file, a different vulnerability than CVE-2018-9132. | |||||
| CVE-2018-20429 | 1 Libming | 1 Libming | 2019-01-04 | 6.8 MEDIUM | 8.8 HIGH |
| libming 0.4.8 has a NULL pointer dereference in the getName function of the decompile.c file, a different vulnerability than CVE-2018-7872 and CVE-2018-9165. | |||||
| CVE-2018-20426 | 1 Libming | 1 Libming | 2019-01-04 | 6.8 MEDIUM | 8.8 HIGH |
| libming 0.4.8 has a NULL pointer dereference in the newVar3 function of the decompile.c file, a different vulnerability than CVE-2018-7866. | |||||
| CVE-2018-20425 | 1 Libming | 1 Libming | 2019-01-04 | 6.8 MEDIUM | 8.8 HIGH |
| libming 0.4.8 has a NULL pointer dereference in the pushdup function of the decompile.c file. | |||||
| CVE-2018-20428 | 1 Libming | 1 Libming | 2019-01-04 | 6.8 MEDIUM | 8.8 HIGH |
| libming 0.4.8 has a NULL pointer dereference in the strlenext function of the decompile.c file, a different vulnerability than CVE-2018-7874. | |||||
| CVE-2018-5812 | 2 Canonical, Libraw | 2 Ubuntu Linux, Libraw | 2019-01-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference. | |||||
| CVE-2018-5806 | 2 Libraw, Redhat | 4 Libraw, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2018-12-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference. | |||||
| CVE-2016-10209 | 1 Libarchive | 1 Libarchive | 2018-12-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file. | |||||