Total
4523 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-24483 | 2025-02-12 | N/A | ||
| NULL pointer dereference vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker provides specially crafted data to the specific process of the Windows system where the product is running, the system may cause a Blue Screen of Death (BSOD), and as a result, cause a denial-of-service (DoS) condition. | ||||
| CVE-2023-51394 | 1 Silabs | 1 Emberznet | 2025-02-12 | 5.3 Medium |
| High traffic environments may result in NULL Pointer Dereference vulnerability in Silicon Labs's Ember ZNet SDK before v7.4.0, causing a system crash. | ||||
| CVE-2022-24810 | 4 Debian, Fedoraproject, Net-snmp and 1 more | 5 Debian Linux, Fedora, Net-snmp and 2 more | 2025-02-11 | 6.5 Medium |
| net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. | ||||
| CVE-2024-50665 | 1 Gpac | 1 Gpac | 2025-02-11 | 5.5 Medium |
| gpac 2.4 contains a SEGV at src/isomedia/drm_sample.c:1562:96 in isom_cenc_get_sai_by_saiz_saio in MP4Box. | ||||
| CVE-2022-47465 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-11 | 5.5 Medium |
| In vdsp service, there is a missing permission check. This could lead to local denial of service in vdsp service. | ||||
| CVE-2023-0197 | 4 Citrix, Nvidia, Redhat and 1 more | 4 Hypervisor, Virtual Gpu, Enterprise Linux Kernel-based Virtual Machine and 1 more | 2025-02-11 | 5.5 Medium |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious user in a guest VM can cause a NULL-pointer dereference, which may lead to denial of service. | ||||
| CVE-2023-26917 | 1 Cesnet | 1 Libyang | 2025-02-11 | 7.5 High |
| libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c. | ||||
| CVE-2022-47468 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-10 | 5.5 Medium |
| In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | ||||
| CVE-2022-47467 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-10 | 5.5 Medium |
| In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | ||||
| CVE-2022-47466 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-10 | 5.5 Medium |
| In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | ||||
| CVE-2025-24031 | 2025-02-10 | 3.3 Low | ||
| PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. In versions 0.6.12 and prior, the pam_pkcs11 module segfaults when a user presses ctrl-c/ctrl-d when they are asked for a PIN. When a user enters no PIN at all, `pam_get_pwd` will never initialize the password buffer pointer and as such `cleanse` will try to dereference an uninitialized pointer. On my system this pointer happens to have the value 3 most of the time when running sudo and as such it will segfault. The most likely impact to a system affected by this issue is an availability impact due to a daemon that uses PAM crashing. As of time of publication, a patch for the issue is unavailable. | ||||
| CVE-2023-29569 | 1 Cesanta | 1 Mjs | 2025-02-06 | 5.5 Medium |
| Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via ffi_cb_impl_wpwwwww at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS). | ||||
| CVE-2024-30403 | 1 Juniper | 1 Junos Os Evolved | 2025-02-06 | 6.5 Medium |
| A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When Layer 2 traffic is sent through a logical interface, MAC learning happens. If during this process, the interface flaps, an Advanced Forwarding Toolkit manager (evo-aftmand-bt) core is observed. This leads to a PFE restart. The crash reoccurs if the same sequence of events happens, which will lead to a sustained DoS condition. This issue affects Juniper Networks Junos OS Evolved 23.2-EVO versions earlier than 23.2R1-S1-EVO, 23.2R2-EVO. | ||||
| CVE-2023-21586 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-02-06 | 5.5 Medium |
| Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2020-28163 | 1 Libdwarf Project | 1 Libdwarf | 2025-02-06 | 6.5 Medium |
| libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname. | ||||
| CVE-2024-26130 | 2 Cryptography.io, Redhat | 5 Cryptography, Ansible Automation Platform, Rhui and 2 more | 2025-02-05 | 7.5 High |
| cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised. | ||||
| CVE-2022-27497 | 1 Intel | 1 Active Management Technology Firmware | 2025-02-05 | 8.6 High |
| Null pointer dereference in firmware for Intel(R) AMT before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable denial of service via network access. | ||||
| CVE-2024-55511 | 2025-02-05 | 7.8 High | ||
| A null pointer dereference vulnerability in Macrium Reflect prior to 8.1.8017 allows a local attacker to cause a system crash or potentially elevate their privileges via executing a specially crafted executable. | ||||
| CVE-2023-2166 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more | 2025-02-05 | 5.5 Medium |
| A null pointer dereference issue was found in can protocol in net/can/af_can.c in the Linux before Linux. ml_priv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service. | ||||
| CVE-2023-1587 | 3 Avast, Avg, Microsoft | 3 Antivirus, Anti-virus, Windows | 2025-02-05 | 5.8 Medium |
| Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11 | ||||