Total
3939 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-3113 | 1 Linux | 1 Linux Kernel | 2025-04-22 | N/A | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 5.16-rc6. mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c lacks check of the return value of devm_kzalloc() and will cause the null pointer dereference. | |||||
| CVE-2022-3112 | 1 Linux | 1 Linux Kernel | 2025-04-22 | N/A | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference. | |||||
| CVE-2022-3111 | 1 Linux | 1 Linux Kernel | 2025-04-22 | N/A | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger(). | |||||
| CVE-2022-3110 | 1 Linux | 1 Linux Kernel | 2025-04-22 | N/A | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 5.16-rc6. _rtw_init_xmit_priv in drivers/staging/r8188eu/core/rtw_xmit.c lacks check of the return value of rtw_alloc_hwxmits() and will cause the null pointer dereference. | |||||
| CVE-2022-3106 | 1 Linux | 1 Linux Kernel | 2025-04-22 | N/A | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc(). | |||||
| CVE-2023-40032 | 2 Fedoraproject, Libvips | 2 Fedora, Libvips | 2025-04-21 | N/A | 5.5 MEDIUM |
| libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 (or later) when processing untrusted input. | |||||
| CVE-2017-7994 | 1 Podofo Project | 1 Podofo | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | |||||
| CVE-2017-8820 | 2 Debian, Tor Project | 2 Debian Linux, Tor | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service (NULL pointer dereference and application crash) against directory authorities via a malformed descriptor, aka TROVE-2017-010. | |||||
| CVE-2017-2388 | 1 Apple | 1 Mac Os X | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app. | |||||
| CVE-2017-5851 | 1 Mp3splt Project | 1 Mp3splt | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The free_options function in options_manager.c in mp3splt 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. NOTE: this typically has no risk; this crash of this command-line program has no further consequences for availability. | |||||
| CVE-2014-9972 | 1 Google | 1 Android | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts can potentially cause a NULL pointer dereference during an out-of-memory condition. | |||||
| CVE-2017-16537 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.2 HIGH | 6.6 MEDIUM |
| The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device. | |||||
| CVE-2017-11100 | 1 Swftools | 1 Swftools | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead to a NULL Pointer Dereference in the swf_FoldSprite() function in lib/rxfswf.c. | |||||
| CVE-2017-17439 | 2 Debian, Heimdal Project | 2 Debian Linux, Heimdal | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c. | |||||
| CVE-2017-14638 | 1 Bento4 | 1 Bento4 | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp in Bento4 version 1.5.0-617 has missing NULL checks, leading to a NULL pointer dereference, segmentation fault, and application crash in AP4_Atom::SetType in Core/Ap4Atom.h. | |||||
| CVE-2017-9989 | 2 Debian, Libming | 2 Debian Linux, Libming | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack. | |||||
| CVE-2017-8392 | 1 Gnu | 1 Binutils | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8 because of missing a check to determine whether symbols are NULL in the _bfd_dwarf2_find_nearest_line function. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash. | |||||
| CVE-2017-15286 | 1 Sqlite | 1 Sqlite | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized. | |||||
| CVE-2017-7209 | 1 Gnu | 1 Binutils | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash. | |||||
| CVE-2017-12923 | 1 Libfpx Project | 1 Libfpx | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| OLEStream::WriteVT_LPSTR in olestrm.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image. | |||||