Total
4513 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-3202 | 2 Linux, Netapp | 11 Linux Kernel, H300s, H300s Firmware and 8 more | 2024-11-21 | 7.1 High |
| A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information. | ||||
| CVE-2022-3153 | 1 Vim | 1 Vim | 2024-11-21 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. | ||||
| CVE-2022-3078 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the Linux kernel through 5.16-rc6. There is a lack of check after calling vzalloc() and lack of free after allocation in drivers/media/test-drivers/vidtv/vidtv_s302m.c. | ||||
| CVE-2022-39829 | 1 Samsung | 1 Mtower | 2024-11-21 | 7.5 High |
| There is a NULL pointer dereference in aes256_encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVP_CIPHER_CTX_new. | ||||
| CVE-2022-39028 | 4 Debian, Gnu, Mit and 1 more | 4 Debian Linux, Inetutils, Kerberos 5 and 1 more | 2024-11-21 | 7.5 High |
| telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd application has many crashes within a short time interval, the telnet service would become unavailable after inetd logs a "telnet/tcp server failing (looping), service terminated" error. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8. | ||||
| CVE-2022-38497 | 1 Lief-project | 1 Lief | 2024-11-21 | 5.5 Medium |
| LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69. | ||||
| CVE-2022-38307 | 1 Lief-project | 1 Lief | 2024-11-21 | 5.5 Medium |
| LIEF commit 5d1d643 was discovered to contain a segmentation violation via the function LIEF::MachO::SegmentCommand::file_offset() at /MachO/SegmentCommand.cpp. | ||||
| CVE-2022-38096 | 2 Linux, Redhat | 8 Linux Kernel, Enterprise Linux, Logging and 5 more | 2024-11-21 | 6.3 Medium |
| A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). | ||||
| CVE-2022-37797 | 2 Debian, Lighttpd | 2 Debian Linux, Lighttpd | 2024-11-21 | 7.5 High |
| In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition. | ||||
| CVE-2022-36648 | 1 Qemu | 1 Qemu | 2024-11-21 | 10.0 Critical |
| The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This has been disputed by multiple third parties as not a valid vulnerability due to the rocker device not falling within the virtualization use case. | ||||
| CVE-2022-36622 | 1 Samsung | 1 Mtower | 2024-11-21 | 7.5 High |
| Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_GetObjectInfo1. | ||||
| CVE-2022-36621 | 1 Samsung | 1 Mtower | 2024-11-21 | 7.5 High |
| Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_AllocateTransientObject. | ||||
| CVE-2022-36186 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.5 High |
| A Null Pointer dereference vulnerability exists in GPAC 2.1-DEV-revUNKNOWN-master via the function gf_filter_pid_set_property_full () at filter_core/filter_pid.c:5250,which causes a Denial of Service (DoS). This vulnerability was fixed in commit b43f9d1. | ||||
| CVE-2022-36153 | 1 Monostream | 1 Tifig | 2024-11-21 | 5.5 Medium |
| tifig v0.2.2 was discovered to contain a segmentation violation via std::vector<unsigned int, std::allocator<unsigned int> >::size() const at /bits/stl_vector.h. | ||||
| CVE-2022-36151 | 1 Monostream | 1 Tifig | 2024-11-21 | 5.5 Medium |
| tifig v0.2.2 was discovered to contain a segmentation violation via getType() at /common/bbox.cpp. | ||||
| CVE-2022-35484 | 1 Otfcc Project | 1 Otfcc | 2024-11-21 | 6.5 Medium |
| OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6b6a8f. | ||||
| CVE-2022-35245 | 1 F5 | 1 Big-ip Access Policy Manager | 2024-11-21 | 7.5 High |
| In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5.1, when a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2022-35206 | 1 Gnu | 1 Binutils | 2024-11-21 | 5.5 Medium |
| Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function read_and_display_attr_value in file dwarf.c. | ||||
| CVE-2022-35108 | 1 Swftools | 1 Swftools | 2024-11-21 | 5.5 Medium |
| SWFTools commit 772e55a2 was discovered to contain a segmentation violation via DCTStream::getChar() at /xpdf/Stream.cc. | ||||
| CVE-2022-34969 | 1 Pingcap | 1 Tidb | 2024-11-21 | 7.5 High |
| PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference. | ||||