Total
3794 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-17505 | 1 Hdfgroup | 1 Hdf5 | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file. | |||||
| CVE-2016-7477 | 1 Libav | 1 Libav | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The ff_put_pixels8_xy2_mmx function in rnd_template.c in Libav 11.7 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted mp3 file. NOTE: this issue was originally reported as involving a NULL pointer dereference. | |||||
| CVE-2014-9812 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file. | |||||
| CVE-2017-13135 | 1 Libbpg Project | 1 Libbpg | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg 0.9.7 and other products, because the CUData::initialize function in common/cudata.cpp mishandles memory-allocation failure. | |||||
| CVE-2017-6951 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 4.9 MEDIUM | 5.5 MEDIUM |
| The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type. | |||||
| CVE-2017-9503 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-20 | 1.9 LOW | 5.5 MEDIUM |
| QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing. | |||||
| CVE-2016-8694 | 1 Potrace Project | 1 Potrace | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8695 and CVE-2016-8696. | |||||
| CVE-2017-12719 | 1 Advantech | 1 Webaccess | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A remote attacker is able to execute code to dereference a pointer within the program causing the application to become unavailable. | |||||
| CVE-2015-3839 | 1 Google | 1 Android | 2025-04-20 | 2.1 LOW | 5.5 MEDIUM |
| The updateMessageStatus function in Android 5.1.1 and earlier allows local users to cause a denial of service (NULL pointer exception and process crash). | |||||
| CVE-2016-6604 | 2 Google, Samsung | 2 Android, Exynos Fimg2d | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows attackers to have unspecified impact via unknown vectors. The Samsung ID is SVE-2016-6382. | |||||
| CVE-2016-8690 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command. | |||||
| CVE-2016-5028 | 1 Libdwarf Project | 1 Libdwarf | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| The print_frame_inst_bytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via an object file with empty bss-like sections. | |||||
| CVE-2017-15274 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 4.9 MEDIUM | 5.5 MEDIUM |
| security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192. | |||||
| CVE-2017-11637 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images. | |||||
| CVE-2017-17464 | 1 K7computing | 1 Antivirus | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002570 DeviceIoControl request. | |||||
| CVE-2017-15306 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 4.9 MEDIUM | 5.5 MEDIUM |
| The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl call to /dev/kvm. | |||||
| CVE-2016-10250 | 1 Jasper Project | 1 Jasper | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The jp2_colr_destroy function in jp2_cod.c in JasPer before 1.900.13 allows remote attackers to cause a denial of service (NULL pointer dereference) by leveraging incorrect cleanup of JP2 box data on error. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8887. | |||||
| CVE-2017-7243 | 1 Eclipse | 1 Tinydtls | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause a denial of service (DTLS peer crash) by sending a "Change cipher spec" packet without pre-handshake. | |||||
| CVE-2017-6415 | 1 Radare | 1 Radare2 | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file. | |||||
| CVE-2017-6298 | 2 Debian, Ytnef Project | 2 Debian Linux, Ytnef | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked." | |||||