Total
3845 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-14747 | 1 Qnap | 1 Qts | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| NULL Pointer Dereference vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to crash the NAS media server. | |||||
| CVE-2018-14737 | 1 Pbc Project | 1 Pbc | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A NULL pointer dereference can occur in pbc_wmessage_string in wmessage.c. | |||||
| CVE-2018-14646 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux Server and 4 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of service. | |||||
| CVE-2018-14617 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory. | |||||
| CVE-2018-14616 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference in fscrypt_do_page_crypto() in fs/crypto/crypto.c when operating on a file in a corrupted f2fs image. | |||||
| CVE-2018-14614 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is an out-of-bounds access in __remove_dirty_segment() in fs/f2fs/segment.c when mounting an f2fs image. | |||||
| CVE-2018-14613 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c. | |||||
| CVE-2018-14612 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfs_read_block_groups in fs/btrfs/extent-tree.c, and a lack of empty-tree checks in check_leaf in fs/btrfs/tree-checker.c. | |||||
| CVE-2018-14609 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to removing reloc rb_trees when reloc control has not been initialized. | |||||
| CVE-2018-14588 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue has been discovered in Bento4 1.5.1-624. A NULL pointer dereference can occur in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp. | |||||
| CVE-2018-14562 | 1 Thunlp | 1 Thulac | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in libthulac.so in THULAC through 2018-02-25. A NULL pointer dereference can occur in the BasicModel class in include/cb_model.h. | |||||
| CVE-2018-14553 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
| gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled). | |||||
| CVE-2018-14543 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| There exists one NULL pointer dereference vulnerability in AP4_JsonInspector::AddField in Ap4Atom.cpp in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp4dump. | |||||
| CVE-2018-14471 | 1 Gnu | 1 Libredwg | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| dwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG 0.5.1048 allows remote attackers to cause a denial of service (NULL pointer dereference and SEGV) via a crafted dwg file. | |||||
| CVE-2018-14448 | 1 Untrunc Project | 1 Untrunc | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Codec::parse in track.cpp in Untrunc through 2018-06-07 has a NULL pointer dereference via a crafted MP4 file because of improper interaction with libav. | |||||
| CVE-2018-14404 | 3 Canonical, Debian, Xmlsoft | 3 Ubuntu Linux, Debian Linux, Libxml2 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application. | |||||
| CVE-2018-14332 | 1 Clementine-player | 1 Clementine | 2024-11-21 | 1.9 LOW | 5.5 MEDIUM |
| An issue was discovered in Clementine Music Player 1.3.1. Clementine.exe is vulnerable to a user mode write access violation due to a NULL pointer dereference in the Init call in the MoodbarPipeline::NewPadCallback function in moodbar/moodbarpipeline.cpp. The vulnerability is triggered when the user opens a malformed mp3 file. | |||||
| CVE-2018-13903 | 1 Qualcomm | 22 Apq8053, Apq8053 Firmware, Mdm9205 and 19 more | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| u'Error in UE due to race condition in EPCO handling' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, MDM9205, MDM9206, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, SDM450, SM8150 | |||||
| CVE-2018-13458 | 1 Nagios | 1 Nagios Core | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. | |||||
| CVE-2018-13457 | 1 Nagios | 1 Nagios Core | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. | |||||