Search
Total
1933 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-46046 | 1 Gpac | 1 Gpac | 2022-01-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Pointer Derefernce Vulnerbility exists GPAC 1.0.1 the gf_isom_box_size function, which could cause a Denial of Service (context-dependent). | |||||
| CVE-2021-46047 | 1 Gpac | 1 Gpac | 2022-01-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_hinter_finalize function. | |||||
| CVE-2021-46049 | 1 Gpac | 1 Gpac | 2022-01-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_fileio_check function, which could cause a Denial of Service. | |||||
| CVE-2021-46051 | 1 Gpac | 1 Gpac | 2022-01-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the Media_IsSelfContained function, which could cause a Denial of Service. . | |||||
| CVE-2021-40018 | 1 Huawei | 1 Harmonyos | 2022-01-13 | 5.0 MEDIUM | 7.5 HIGH |
| The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2021-46044 | 1 Gpac | 1 Gpac | 2022-01-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1via ShiftMetaOffset.isra, which causes a Denial of Service (context-dependent). | |||||
| CVE-2021-46042 | 1 Gpac | 1 Gpac | 2022-01-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the _fseeko function, which causes a Denial of Service. | |||||
| CVE-2021-46043 | 1 Gpac | 1 Gpac | 2022-01-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Pointer Dereference Vulnerability exits in GPAC 1.0.1 in the gf_list_count function, which causes a Denial of Service. | |||||
| CVE-2021-46040 | 1 Gpac | 1 Gpac | 2022-01-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the finplace_shift_moov_meta_offsets function, which causes a Denial of Servie (context-dependent). | |||||
| CVE-2021-46039 | 1 Gpac | 1 Gpac | 2022-01-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the shift_chunk_offsets.part function, which causes a Denial of Service (context-dependent). | |||||
| CVE-2021-30269 | 1 Qualcomm | 234 Ar8031, Ar8031 Firmware, Ar8035 and 231 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
| Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-30272 | 1 Qualcomm | 392 Apq8009w, Apq8009w Firmware, Apq8017 and 389 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
| Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-30271 | 1 Qualcomm | 332 Apq8009w, Apq8009w Firmware, Apq8017 and 329 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
| Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-30270 | 1 Qualcomm | 310 Apq8009w, Apq8009w Firmware, Apq8017 and 307 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
| Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-45256 | 1 Nasm | 1 Netwide Assembler | 2022-01-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via asm/preproc.c. | |||||
| CVE-2021-46038 | 1 Gpac | 1 Gpac | 2022-01-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Pointer Dereference vulnerability exists in GPAC 1.0.1 in unlink_chunk.isra, which causes a Denial of Service (context-dependent). | |||||
| CVE-2021-45831 | 1 Gpac | 1 Gpac | 2022-01-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Null Pointer Dereference vulnerability exitgs in GPAC 1.0.1 in MP4Box via __strlen_avx2, which causes a Denial of Service. | |||||
| CVE-2020-23026 | 1 Dhrystone Project | 1 Dhrystone | 2022-01-08 | 5.0 MEDIUM | 7.5 HIGH |
| A NULL pointer dereference in the main() function dhry_1.c of dhrystone 2.1 causes a denial of service (DoS). | |||||
| CVE-2021-4188 | 1 Mruby | 1 Mruby | 2022-01-06 | 5.0 MEDIUM | 7.5 HIGH |
| mruby is vulnerable to NULL Pointer Dereference | |||||
| CVE-2018-4302 | 1 Apple | 5 Icloud, Iphone Os, Itunes and 2 more | 2022-01-05 | 6.8 MEDIUM | 7.8 HIGH |
| A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution. | |||||
| CVE-2019-19647 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2022-01-01 | 6.8 MEDIUM | 7.8 HIGH |
| radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted input. | |||||
| CVE-2020-9545 | 1 Palemoon | 1 Pale Moon | 2022-01-01 | 5.0 MEDIUM | 7.5 HIGH |
| Pale Moon 28.x before 28.8.4 has a segmentation fault related to module scripting, as demonstrated by a Lacoste web site. | |||||
| CVE-2020-7062 | 4 Canonical, Debian, Opensuse and 1 more | 4 Ubuntu Linux, Debian Linux, Leap and 1 more | 2022-01-01 | 4.3 MEDIUM | 7.5 HIGH |
| In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter null pointer dereference, which would likely lead to a crash. | |||||
| CVE-2020-26521 | 2 Fedoraproject, Linuxfoundation | 2 Fedora, Nats-server | 2022-01-01 | 5.0 MEDIUM | 7.5 HIGH |
| The JWT library in NATS nats-server before 2.1.9 allows a denial of service (a nil dereference in Go code). | |||||
| CVE-2020-17525 | 2 Apache, Debian | 2 Subversion, Debian Linux | 2022-01-01 | 4.3 MEDIUM | 7.5 HIGH |
| Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in mod_dav_svn+mod_authz_svn servers 1.14.1 and mod_dav_svn+mod_authz_svn servers 1.10.7 | |||||
| CVE-2018-14553 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2021-12-30 | 4.3 MEDIUM | 7.5 HIGH |
| gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled). | |||||
| CVE-2020-8011 | 1 Broadcom | 1 Unified Infrastructure Management | 2021-12-30 | 5.0 MEDIUM | 7.5 HIGH |
| CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component. A remote attacker can crash the Controller service. | |||||
| CVE-2021-45292 | 1 Gpac | 1 Gpac | 2021-12-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2020-9429 | 2 Opensuse, Wireshark | 2 Leap, Wireshark | 2021-12-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value. | |||||
| CVE-2019-8379 | 1 Advancemame | 1 Advancecomp | 2021-12-30 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function be_uint32_read() located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact when a victim opens a specially crafted file. | |||||
| CVE-2019-18804 | 5 Canonical, Debian, Djvulibre Project and 2 more | 5 Ubuntu Linux, Debian Linux, Djvulibre and 2 more | 2021-12-28 | 5.0 MEDIUM | 7.5 HIGH |
| DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp. | |||||
| CVE-2021-45259 | 1 Gpac | 1 Gpac | 2021-12-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| An Invalid pointer reference vulnerability exists in gpac 1.1.0 via the gf_svg_node_del function, which causes a segmentation fault and application crash. | |||||
| CVE-2021-45267 | 1 Gpac | 1 Gpac | 2021-12-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| An invalid memory address dereference vulnerability exists in gpac 1.1.0 via the svg_node_start function, which causes a segmentation fault and application crash. | |||||
| CVE-2021-45260 | 1 Gpac | 1 Gpac | 2021-12-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the lsr_read_id.part function, which causes a segmentation fault and application crash. | |||||
| CVE-2021-41497 | 1 Rare-technologies | 1 Bounter | 2021-12-27 | 5.0 MEDIUM | 7.5 HIGH |
| Null pointer reference in CMS_Conservative_increment_obj in RaRe-Technologies bounter version 1.01 and 1.10, allows attackers to conduct Denial of Service attacks by inputting a huge width of hash bucket. | |||||
| CVE-2021-44918 | 1 Gpac | 1 Gpac | 2021-12-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in the gf_node_get_field function, which can cause a segmentation fault and application crash. | |||||
| CVE-2021-44927 | 1 Gpac | 1 Gpac | 2021-12-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_sg_vrml_mf_append function, which causes a segmentation fault and application crash. | |||||
| CVE-2021-44925 | 1 Gpac | 1 Gpac | 2021-12-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_svg_get_attribute_name function, which causes a segmentation fault and application crash. | |||||
| CVE-2021-44923 | 1 Gpac | 1 Gpac | 2021-12-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_dump_vrml_dyn_field.isra function, which causes a segmentation fault and application crash. | |||||
| CVE-2021-44922 | 1 Gpac | 1 Gpac | 2021-12-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the BD_CheckSFTimeOffset function, which causes a segmentation fault and application crash. | |||||
| CVE-2021-44921 | 1 Gpac | 1 Gpac | 2021-12-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_isom_parse_movie_boxes_internal function, which causes a segmentation fault and application crash. | |||||
| CVE-2021-39921 | 2 Fedoraproject, Wireshark | 2 Fedora, Wireshark | 2021-12-26 | 5.0 MEDIUM | 7.5 HIGH |
| NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2021-39928 | 2 Fedoraproject, Wireshark | 2 Fedora, Wireshark | 2021-12-26 | 5.0 MEDIUM | 7.5 HIGH |
| NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2021-45266 | 1 Gpac | 1 Gpac | 2021-12-23 | 5.0 MEDIUM | 7.5 HIGH |
| A null pointer dereference vulnerability exists in gpac 1.1.0 via the lsr_read_anim_values_ex function, which causes a segmentation fault and application crash. | |||||
| CVE-2021-42376 | 2 Busybox, Fedoraproject | 2 Busybox, Fedora | 2021-12-23 | 1.9 LOW | 5.5 MEDIUM |
| A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input. | |||||
| CVE-2021-42373 | 2 Busybox, Fedoraproject | 2 Busybox, Fedora | 2021-12-23 | 2.1 LOW | 5.5 MEDIUM |
| A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given | |||||
| CVE-2021-43750 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2021-12-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-43749 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2021-12-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-43748 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2021-12-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-1022 | 1 Google | 1 Android | 2021-12-17 | 5.0 MEDIUM | 7.5 HIGH |
| In btif_in_hf_client_generic_evt of btif_hf_client.cc, there is a possible Bluetooth service crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-180420059 | |||||