Total
2089 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-19208 | 3 Libwpd Project, Redhat, Suse | 3 Libwpd, Enterprise Linux, Suse Linux Enterprise Server | 2020-04-14 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack. This is related to WPXTable.h. | |||||
| CVE-2018-13440 | 2 Audio File Library Project, Canonical | 2 Audio File Library, Ubuntu Linux | 2020-04-13 | 4.3 MEDIUM | 6.5 MEDIUM |
| The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert. | |||||
| CVE-2018-13441 | 1 Nagios | 1 Nagios | 2020-04-11 | 2.1 LOW | 5.5 MEDIUM |
| qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. | |||||
| CVE-2018-13458 | 1 Nagios | 1 Nagios Core | 2020-04-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. | |||||
| CVE-2018-13457 | 1 Nagios | 1 Nagios Core | 2020-04-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. | |||||
| CVE-2020-5736 | 1 Amcrest | 36 1080-lite 8ch, 1080-lite 8ch Firmware, Amdv10814-h5 and 33 more | 2020-04-09 | 6.8 MEDIUM | 6.5 MEDIUM |
| Amcrest cameras and NVR are vulnerable to a null pointer dereference over port 37777. An authenticated remote attacker can abuse this issue to crash the device. | |||||
| CVE-2016-11039 | 1 Google | 1 Android | 2020-04-09 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) (AP + CP MDM9x35, or Qualcomm Onechip) software. There is a NULL pointer dereference issue in the IPC socket code. The Samsung ID is SVE-2016-5980 (July 2016). | |||||
| CVE-2007-0039 | 1 Microsoft | 1 Exchange Server | 2020-04-09 | 7.8 HIGH | N/A |
| The Exchange Collaboration Data Objects (EXCDO) functionality in Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 allows remote attackers to cause a denial of service (crash) via an Internet Calendar (iCal) file containing multiple X-MICROSOFT-CDO-MODPROPS (MODPROPS) properties in which the second MODPROPS is longer than the first, which triggers a NULL pointer dereference and an unhandled exception. | |||||
| CVE-2017-8537 | 1 Microsoft | 13 Endpoint Protection, Exchange Server, Forefront Endpoint Protection and 10 more | 2020-04-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8536, CVE-2017-8539, and CVE-2017-8542. | |||||
| CVE-2017-8536 | 1 Microsoft | 13 Endpoint Protection, Exchange Server, Forefront Endpoint Protection and 10 more | 2020-04-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8537, CVE-2017-8539, and CVE-2017-8542. | |||||
| CVE-2017-8535 | 1 Microsoft | 13 Endpoint Protection, Exchange Server, Forefront Endpoint Protection and 10 more | 2020-04-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8536, CVE-2017-8537, CVE-2017-8539, and CVE-2017-8542. | |||||
| CVE-2017-18664 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. There is a NULL pointer exception in PersonManager, causing memory corruption. The Samsung ID is SVE-2017-8286 (June 2017). | |||||
| CVE-2017-18665 | 1 Google | 1 Android | 2020-04-08 | 5.8 MEDIUM | 8.8 HIGH |
| An issue was discovered on Samsung mobile devices with M(6.0) software. There is a NULL pointer exception in WifiService via adb-cmd, causing memory corruption. The Samsung ID is SVE-2017-8287 (June 2017). | |||||
| CVE-2017-18658 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with M(6.0) software. The multiwindow_facade API allows attackers to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 (August 2017). | |||||
| CVE-2016-6604 | 2 Google, Samsung | 2 Android, Exynos Fimg2d | 2020-04-07 | 10.0 HIGH | 9.8 CRITICAL |
| NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows attackers to have unspecified impact via unknown vectors. The Samsung ID is SVE-2016-6382. | |||||
| CVE-2018-20786 | 1 Leonerd | 1 Libvterm | 2020-03-30 | 5.0 MEDIUM | 7.5 HIGH |
| libvterm through 0+bzr726, as used in Vim and other products, mishandles certain out-of-memory conditions, leading to a denial of service (application crash), related to screen.c, state.c, and vterm.c. | |||||
| CVE-2019-20602 | 1 Google | 1 Android | 2020-03-26 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.0), and P(9.0) (Qualcomm chipsets) software. The Authnr Trustlet has a NULL pointer dereference. The Samsung ID is SVE-2019-13949 (May 2019). | |||||
| CVE-2019-20603 | 1 Google | 1 Android | 2020-03-26 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.0), and P(9.0) (Qualcomm chipsets) software. The ESECOMM Trustlet has a NULL pointer dereference. The Samsung ID is SVE-2019-13950 (May 2019). | |||||
| CVE-2020-8859 | 1 Psi | 1 Electronic Logbook | 2020-03-26 | 5.0 MEDIUM | 7.5 HIGH |
| This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request can trigger the dereference of a null pointer. An attacker can leverage this vulnerability to create a denial-of-service condition. Was ZDI-CAN-10115. | |||||
| CVE-2019-14876 | 1 Newlib Project | 1 Newlib | 2020-03-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| In the __lshift function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access to b1 will trigger a null pointer dereference bug in case of a memory allocation failure. | |||||