Total
2089 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-28466 | 1 Linux | 1 Linux Kernel | 2023-03-21 | N/A | 7.0 HIGH |
| do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference). | |||||
| CVE-2023-1355 | 1 Vim | 1 Vim | 2023-03-21 | N/A | 5.5 MEDIUM |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1402. | |||||
| CVE-2023-27102 | 1 Struktur | 1 Libde265 | 2023-03-20 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decoder_context::process_slice_segment_header at decctx.cc. | |||||
| CVE-2023-1264 | 1 Vim | 1 Vim | 2023-03-19 | N/A | 5.5 MEDIUM |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392. | |||||
| CVE-2023-27114 | 1 Radare | 1 Radare2 | 2023-03-15 | N/A | 5.5 MEDIUM |
| radare2 v5.8.3 was discovered to contain a segmentation fault via the component wasm_dis at p/wasm/wasm.c. | |||||
| CVE-2023-0845 | 1 Hashicorp | 1 Consul | 2023-03-15 | N/A | 6.5 MEDIUM |
| Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This vulnerability was fixed in Consul 1.14.5. | |||||
| CVE-2023-24465 | 1 Openharmony | 1 Openharmony | 2023-03-14 | N/A | 5.5 MEDIUM |
| Communication Wi-Fi subsystem within OpenHarmony-v3.1.4 and prior versions, OpenHarmony-v3.0.7 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vulnerability to cause the current application to crash. | |||||
| CVE-2023-25947 | 1 Openharmony | 1 Openharmony | 2023-03-14 | N/A | 5.5 MEDIUM |
| The bundle management subsystem within OpenHarmony-v3.1.4 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vulnerability to cause a DoS attack to the system when installing a malicious HAP package. | |||||
| CVE-2022-41278 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2023-03-14 | N/A | 3.3 LOW |
| A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | |||||
| CVE-2022-41280 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2023-03-14 | N/A | 3.3 LOW |
| A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | |||||
| CVE-2022-41279 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2023-03-14 | N/A | 3.3 LOW |
| A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | |||||
| CVE-2023-0973 | 2023-03-13 | N/A | N/A | ||
| STEPTools v18SP1 ifcmesh library (v18.1) is affected due to a null pointer dereference, which could allow an attacker to deny application usage when reading a specially constructed file, resulting in an application crash. | |||||
| CVE-2022-3857 | 1 Libpng | 1 Libpng | 2023-03-13 | N/A | 5.5 MEDIUM |
| A flaw was found in libpng 1.6.38. A crafted PNG image can lead to a segmentation fault and denial of service in png_setup_paeth_row() function. | |||||
| CVE-2023-23006 | 1 Linux | 1 Linux Kernel | 2023-03-13 | N/A | 5.5 MEDIUM |
| In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | |||||
| CVE-2023-23005 | 2 Linux, Suse | 2 Linux Kernel, Linux Enterprise Server | 2023-03-13 | N/A | 5.5 MEDIUM |
| ** DISPUTED ** In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the alloc_memory_type error case to be reached. | |||||
| CVE-2023-23004 | 1 Linux | 1 Linux Kernel | 2023-03-13 | N/A | 5.5 MEDIUM |
| In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | |||||
| CVE-2023-23002 | 1 Linux | 1 Linux Kernel | 2023-03-13 | N/A | 5.5 MEDIUM |
| In the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | |||||
| CVE-2023-23001 | 1 Linux | 1 Linux Kernel | 2023-03-13 | N/A | 5.5 MEDIUM |
| In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | |||||
| CVE-2021-3596 | 4 Debian, Fedoraproject, Imagemagick and 1 more | 4 Debian Linux, Fedora, Imagemagick and 1 more | 2023-03-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault. | |||||
| CVE-2023-1186 | 2 Fabulatech, Microsoft | 2 Webcam For Remote Desktop, Windows | 2023-03-10 | N/A | 5.5 MEDIUM |
| A vulnerability has been found in FabulaTech Webcam for Remote Desktop 2.8.42 and classified as problematic. This vulnerability affects unknown code in the library ftwebcam.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-222358 is the identifier assigned to this vulnerability. | |||||