Total
4587 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-9020 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in the unlocking of memory. | ||||
| CVE-2015-9073 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall. | ||||
| CVE-2017-15023 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not properly validate the format count, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. | ||||
| CVE-2017-14406 | 1 Mp3gain | 1 Mp3gain | 2025-04-20 | N/A |
| A NULL pointer dereference was discovered in sync_buffer in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service. | ||||
| CVE-2017-9083 | 1 Freedesktop | 1 Poppler | 2025-04-20 | N/A |
| poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. For example, the perf_test utility will crash (segmentation fault) when parsing an invalid PDF file. | ||||
| CVE-2016-9049 | 1 Aerospike | 1 Database Server | 2025-04-20 | 7.5 High |
| An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a null pointer. An attacker can simply connect to a TCP port in order to trigger this vulnerability. | ||||
| CVE-2017-14975 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2025-04-20 | N/A |
| The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an attacker to launch a denial of service attack. | ||||
| CVE-2017-10965 | 1 Irssi | 1 Irssi | 2025-04-20 | N/A |
| An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer. | ||||
| CVE-2017-7507 | 2 Gnu, Redhat | 2 Gnutls, Enterprise Linux | 2025-04-20 | N/A |
| GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application. | ||||
| CVE-2017-14400 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file. | ||||
| CVE-2017-12809 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-20 | 6.5 Medium |
| QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive. | ||||
| CVE-2017-7458 | 1 Ntop | 1 Ntopng | 2025-04-20 | N/A |
| The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng before 3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty field that should have contained a hostname or IP address. | ||||
| CVE-2017-14318 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| An issue was discovered in Xen 4.5.x through 4.9.x. The function `__gnttab_cache_flush` handles GNTTABOP_cache_flush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table is checked to see if a grant mapping to the calling domain exists for the page in question. However, the function does not check to see if the owning domain actually has a grant table or not. Some special domains, such as `DOMID_XEN`, `DOMID_IO` and `DOMID_COW` are created without grant tables. Hence, if __gnttab_cache_flush operates on a page owned by these special domains, it will attempt to dereference a NULL pointer in the domain struct. | ||||
| CVE-2015-5195 | 5 Canonical, Debian, Fedoraproject and 2 more | 9 Ubuntu Linux, Debian Linux, Fedora and 6 more | 2025-04-20 | N/A |
| ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation. | ||||
| CVE-2017-10792 | 1 Gnu | 1 Pspp | 2025-04-20 | N/A |
| There is a NULL Pointer Dereference in the function ll_insert() of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack. | ||||
| CVE-2015-7549 | 1 Qemu | 1 Qemu | 2025-04-20 | N/A |
| The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method. | ||||
| CVE-2017-14149 | 1 Embedthis | 1 Goahead | 2025-04-20 | N/A |
| GoAhead 3.4.0 through 3.6.5 has a NULL Pointer Dereference in the websDecodeUrl function in http.c, leading to a crash for a "POST / HTTP/1.1" request. | ||||
| CVE-2017-12800 | 1 Matroska | 3 Libebml2, Mkclean, Mkvalidator | 2025-04-20 | N/A |
| The EBML_FindNextElement function in ebmlmain.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file. | ||||
| CVE-2015-9026 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | ||||
| CVE-2017-15299 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-20 | N/A |
| The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted system call. | ||||