Total
2089 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2287 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2020-08-19 | 4.9 MEDIUM | N/A |
| The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local users to cause a denial of service (crash or hang) via a crafted cr3 value, which triggers a NULL pointer dereference in the gfn_to_rmap function. | |||||
| CVE-2019-12974 | 1 Imagemagick | 1 Imagemagick | 2020-08-18 | 4.3 MEDIUM | 5.5 MEDIUM |
| A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image. | |||||
| CVE-2019-14534 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2020-08-18 | 4.3 MEDIUM | 5.5 MEDIUM |
| In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack. | |||||
| CVE-2010-1187 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2020-08-13 | 4.9 MEDIUM | N/A |
| The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference. | |||||
| CVE-2020-16117 | 2 Debian, Gnome | 2 Debian Linux, Evolution-data-server | 2020-08-11 | 4.3 MEDIUM | 5.9 MEDIUM |
| In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection attempt. This is related to imapx_free_capability and imapx_connect_to_server. | |||||
| CVE-2010-2960 | 3 Canonical, Linux, Suse | 4 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Desktop and 1 more | 2020-08-11 | 7.2 HIGH | 7.8 HIGH |
| The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function. | |||||
| CVE-2009-2768 | 1 Linux | 1 Linux Kernel | 2020-08-07 | 7.2 HIGH | 7.8 HIGH |
| The load_flat_shared_library function in fs/binfmt_flat.c in the flat subsystem in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by executing a shared flat binary, which triggers an access of an "uninitialized cred pointer." | |||||
| CVE-2020-10602 | 1 Pi | 1 Data Archive | 2020-08-05 | 3.5 LOW | 5.3 MEDIUM |
| In OSIsoft PI System multiple products and versions, an authenticated remote attacker could crash PI Network Manager due to a race condition. This can result in blocking connections and queries to PI Data Archive. | |||||
| CVE-2020-10600 | 1 Osisoft | 1 Pi Data Archive | 2020-08-05 | 4.9 MEDIUM | 7.1 HIGH |
| An authenticated remote attacker could crash PI Archive Subsystem when the subsystem is working under memory pressure. This can result in blocking queries to PI Data Archive (2018 SP2 and prior versions). | |||||
| CVE-2010-0751 | 2 Fedoraproject, Libnids Project | 2 Fedora, Libnids | 2020-08-05 | 5.0 MEDIUM | N/A |
| The ip_evictor function in ip_fragment.c in libnids before 1.24, as used in dsniff and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via crafted fragmented packets. | |||||
| CVE-2019-16089 | 1 Linux | 1 Linux Kernel | 2020-08-04 | 4.7 MEDIUM | 4.1 MEDIUM |
| An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value. | |||||
| CVE-2015-0573 | 1 Linux | 1 Linux Kernel | 2020-08-04 | 7.5 HIGH | 9.8 CRITICAL |
| drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via a crafted application that makes a TSC_GET_CARD_STATUS ioctl call. | |||||
| CVE-2017-6311 | 2 Fedoraproject, Gnome | 2 Fedora, Gdk-pixbuf | 2020-08-04 | 5.0 MEDIUM | 7.5 HIGH |
| gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message. | |||||
| CVE-2019-19036 | 1 Linux | 1 Linux Kernel | 2020-08-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node) can be zero. | |||||
| CVE-2016-5870 | 1 Linux | 1 Linux Kernel | 2020-07-31 | 4.6 MEDIUM | 7.8 HIGH |
| The msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c in the ipc_router component for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact by triggering failure of an accept system call for an AF_MSM_IPC socket. | |||||
| CVE-2020-5762 | 1 Grandstream | 12 Ht801, Ht801 Firmware, Ht802 and 9 more | 2020-07-31 | 5.0 MEDIUM | 7.5 HIGH |
| Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to a denial of service attack against the TR-069 service. An unauthenticated remote attacker can stop the service due to a NULL pointer dereference in the TR-069 service. This condition is triggered due to mishandling of the HTTP Authentication field. | |||||
| CVE-2010-3251 | 1 Google | 1 Chrome | 2020-07-31 | 4.3 MEDIUM | N/A |
| The WebSockets implementation in Google Chrome before 6.0.472.53 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. | |||||
| CVE-2010-4576 | 1 Google | 2 Chrome, Chrome Os | 2020-07-29 | 5.0 MEDIUM | N/A |
| browser/worker_host/message_port_dispatcher.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle certain postMessage calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code that creates a web worker. | |||||
| CVE-2006-6565 | 1 Filezilla-project | 1 Filezilla Server | 2020-07-28 | 4.0 MEDIUM | N/A |
| FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a wildcard argument to the (1) LIST or (2) NLST commands, which results in a NULL pointer dereference, a different set of vectors than CVE-2006-6564. NOTE: CVE analysis suggests that the problem might be due to a malformed PORT command. | |||||
| CVE-2018-11695 | 1 Sass-lang | 1 Libsass | 2020-07-28 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in LibSass <3.5.3. A NULL pointer dereference was found in the function Sass::Expand::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. | |||||