Total
3792 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-1103 | 1 Dlink | 2 Dir-823x, Dir-823x Firmware | 2025-05-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| A vulnerability, which was classified as problematic, was found in D-Link DIR-823X 240126/240802. This affects the function set_wifi_blacklists of the file /goform/set_wifi_blacklists of the component HTTP POST Request Handler. The manipulation of the argument macList leads to null pointer dereference. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-37605 | 1 Dlink | 2 Dir-860l, Dir-860l Firmware | 2025-05-21 | N/A | 6.5 MEDIUM |
| A NULL pointer dereference in D-Link DIR-860L REVB_FIRMWARE_2.04.B04_ic5b allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | |||||
| CVE-2024-36831 | 1 Dlink | 2 Dap-1520, Dap-1520 Firmware | 2025-05-21 | N/A | 5.3 MEDIUM |
| A NULL pointer dereference in the plugins_call_handle_uri_clean function of D-Link DAP-1520 REVA_FIRMWARE_1.10B04_BETA02_HOTFIX allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request without authentication. | |||||
| CVE-2024-36832 | 1 Dlink | 2 Dap-1513, Dap-1513 Firmware | 2025-05-21 | N/A | 7.5 HIGH |
| A NULL pointer dereference in D-Link DAP-1513 REVA_FIRMWARE_1.01 allows attackers to cause a Denial of Service (DoS) via a crafted web request without authentication. The vulnerability occurs in the /bin/webs binary of the firmware. When /bin/webs receives a carefully constructed HTTP request, it will crash and exit due to a null pointer reference, leading to a denial of service attack to the device. | |||||
| CVE-2024-33345 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-05-21 | N/A | 6.5 MEDIUM |
| D-Link DIR-823G A1V1.0.2B05 was found to contain a Null-pointer dereference in the main function of upload_firmware.cgi, which allows remote attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2022-41843 | 1 Xpdfreader | 1 Xpdf | 2025-05-20 | N/A | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE-2022-38928. | |||||
| CVE-2022-41841 | 1 Axiosys | 1 Bento4 | 2025-05-20 | N/A | 5.5 MEDIUM |
| An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_File::ParseStream in Core/Ap4File.cpp, which is called from AP4_File::AP4_File. | |||||
| CVE-2024-36941 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-05-20 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: don't free NULL coalescing rule If the parsing fails, we can dereference a NULL pointer here. | |||||
| CVE-2025-29835 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-19 | N/A | 6.5 MEDIUM |
| Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | |||||
| CVE-2025-29838 | 1 Microsoft | 2 Windows 11 24h2, Windows Server 2025 | 2025-05-19 | N/A | 7.4 HIGH |
| Null pointer dereference in Windows Drivers allows an unauthorized attacker to elevate privileges locally. | |||||
| CVE-2025-4478 | 2025-05-19 | N/A | 7.1 HIGH | ||
| A flaw was found in the gnome-remote-desktop used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system. | |||||
| CVE-2025-4476 | 2025-05-19 | N/A | 4.3 MEDIUM | ||
| A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receives a 401 (Unauthorized) HTTP response containing a specifically crafted domain parameter within the WWW-Authenticate header. Processing this malformed header can lead to a crash of the client application using libsoup. An attacker could exploit this by setting up a malicious HTTP server. If a user's application using the vulnerable libsoup library connects to this malicious server, it could result in a denial-of-service. Successful exploitation requires tricking a user's client application into connecting to the attacker's malicious server. | |||||
| CVE-2025-30668 | 2025-05-16 | N/A | 6.5 MEDIUM | ||
| Integer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct a denial of service via network access. | |||||
| CVE-2025-46400 | 2025-05-16 | N/A | 4.7 MEDIUM | ||
| In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via read_arcobject function. | |||||
| CVE-2025-30666 | 2025-05-16 | N/A | 6.5 MEDIUM | ||
| NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | |||||
| CVE-2025-46399 | 2025-05-16 | N/A | 4.7 MEDIUM | ||
| In xfig diagramming tool, a segmentation fault in fig2dev allows memory corruption via local input manipulation at genge_itp_spline function. | |||||
| CVE-2025-30665 | 2025-05-16 | N/A | 6.5 MEDIUM | ||
| NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | |||||
| CVE-2025-30667 | 2025-05-16 | N/A | 6.5 MEDIUM | ||
| NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | |||||
| CVE-2025-20071 | 2025-05-16 | N/A | 6.5 MEDIUM | ||
| NULL pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2025-30329 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-05-15 | N/A | 5.5 MEDIUM |
| Animate versions 24.0.8, 23.0.11 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||