Total
3804 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-8970 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that does not supply a key, related to the lrw_crypt function in crypto/lrw.c. | |||||
| CVE-2016-7132 | 1 Php | 1 Php | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a stray element inside a boolean element, leading to incorrect pop processing. | |||||
| CVE-2016-9628 | 1 Tats | 1 W3m | 2025-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | |||||
| CVE-2015-4443 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2015-4444. | |||||
| CVE-2016-7080 | 2 Apple, Vmware | 2 Mac Os X, Tools | 2025-04-12 | 4.6 MEDIUM | 7.8 HIGH |
| The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7079. | |||||
| CVE-2015-0573 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via a crafted application that makes a TSC_GET_CARD_STATUS ioctl call. | |||||
| CVE-2016-9629 | 1 Tats | 1 W3m | 2025-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | |||||
| CVE-2016-8813 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, leading to denial of service or potential escalation of privileges. | |||||
| CVE-2016-7905 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| The read_gab2_sub function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (NULL pointer used) via a crafted AVI file. | |||||
| CVE-2014-5353 | 7 Canonical, Debian, Fedoraproject and 4 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2025-04-12 | 3.5 LOW | N/A |
| The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy. | |||||
| CVE-2016-7131 | 1 Php | 1 Php | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via a malformed wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a tag that lacks a < (less than) character. | |||||
| CVE-2016-9562 | 1 Sap | 1 Netweaver Application Server Java | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer exception and icman outage) via an HTTPS request to the sap.com~P4TunnelingApp!web/myServlet URI, aka SAP Security Note 2313835. | |||||
| CVE-2014-9323 | 4 Canonical, Debian, Firebirdsql and 1 more | 4 Ubuntu Linux, Debian Linux, Firebird and 1 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status. | |||||
| CVE-2016-2198 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 2.1 LOW | 5.5 MEDIUM |
| QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process instance resulting in DoS. | |||||
| CVE-2016-9631 | 1 Tats | 1 W3m | 2025-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | |||||
| CVE-2013-4118 | 2 Freerdp, Opensuse | 3 Freerdp, Leap, Opensuse | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. | |||||
| CVE-2015-8551 | 4 Debian, Linux, Opensuse and 1 more | 8 Debian Linux, Linux Kernel, Opensuse and 5 more | 2025-04-12 | 4.7 MEDIUM | 6.0 MEDIUM |
| The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks." | |||||
| CVE-2016-5423 | 2 Debian, Postgresql | 2 Debian Linux, Postgresql | 2025-04-12 | 6.5 MEDIUM | 8.3 HIGH |
| PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types. | |||||
| CVE-2016-4696 | 1 Apple | 1 Mac Os X | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
| AppleEFIRuntime in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. | |||||
| CVE-2016-4777 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
| The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (invalid pointer dereference) via a crafted app. | |||||