Total
2089 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-8922 | 4 Canonical, Libarchive, Novell and 1 more | 6 Ubuntu Linux, Libarchive, Suse Linux Enterprise Desktop and 3 more | 2019-12-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct. | |||||
| CVE-2019-19887 | 1 Ffjpeg Project | 1 Ffjpeg | 2019-12-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| bitstr_tell at bitstr.c in ffjpeg through 2019-08-21 has a NULL pointer dereference related to jfif_encode. | |||||
| CVE-2019-5235 | 1 Huawei | 100 Alp-al00b, Alp-al00b Firmware, Alp-tl00b and 97 more | 2019-12-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal. | |||||
| CVE-2019-10513 | 1 Qualcomm | 98 Apq8009, Apq8009 Firmware, Apq8017 and 95 more | 2019-12-23 | 4.9 MEDIUM | 5.5 MEDIUM |
| Possibility of Null pointer access if the SPDM commands are executed in the non-standard way in Trustzone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCS404, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130 | |||||
| CVE-2019-8755 | 1 Apple | 1 Mac Os X | 2019-12-23 | 7.2 HIGH | 7.8 HIGH |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15. A malicious application may be able to determine kernel memory layout. | |||||
| CVE-2019-14604 | 1 Intel | 1 Quartus Prime | 2019-12-23 | 2.1 LOW | 5.5 MEDIUM |
| Null pointer dereference in the FPGA kernel driver for Intel(R) Quartus(R) Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2019-10600 | 1 Qualcomm | 100 Apq8009, Apq8009 Firmware, Apq8017 and 97 more | 2019-12-22 | 7.2 HIGH | 7.8 HIGH |
| Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCA8081, QCS405, QCS605, QM215, SA6155P, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | |||||
| CVE-2019-18838 | 1 Envoyproxy | 1 Envoy | 2019-12-18 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Envoy 1.12.0. Upon receipt of a malformed HTTP request without a Host header, it sends an internally generated "Invalid request" response. This internally generated response is dispatched through the configured encoder filter chain before being sent to the client. An encoder filter that invokes route manager APIs that access a request's Host header causes a NULL pointer dereference, resulting in abnormal termination of the Envoy process. | |||||
| CVE-2019-13225 | 2 Fedoraproject, Oniguruma Project | 2 Fedora, Oniguruma | 2019-12-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust. | |||||
| CVE-2019-10545 | 1 Qualcomm | 12 Qcs605, Qcs605 Firmware, Sdm670 and 9 more | 2019-12-13 | 2.1 LOW | 5.5 MEDIUM |
| Null pointer dereference issue in kernel due to missing check related to LLC support in GPU in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS605, SDM670, SDM710, SM6150, SM7150, SM8150 | |||||
| CVE-2019-19308 | 1 Gnome | 1 Gnome-font-viewer | 2019-12-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section (due to a g_strconcat call that returns NULL). | |||||
| CVE-2019-19227 | 1 Linux | 1 Linux Kernel | 2019-12-12 | 2.1 LOW | 5.5 MEDIUM |
| In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122. | |||||
| CVE-2019-18190 | 2 Microsoft, Trendmicro | 5 Windows, Antivirus\+ Security 2020, Internet Security 2020 and 2 more | 2019-12-12 | 7.5 HIGH | 9.8 CRITICAL |
| Trend Micro Security (Consumer) 2020 (v16.x) is affected by a vulnerability in where null pointer dereference errors result in the crash of application, which could potentially lead to possible unsigned code execution under certain circumstances. | |||||
| CVE-2019-19698 | 1 Libwav Project | 1 Libwav | 2019-12-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| marc-q libwav through 2017-04-20 has a NULL pointer dereference in wav_content_read() at libwav.c. | |||||
| CVE-2019-19272 | 1 Proftpd | 1 Proftpd | 2019-12-11 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Direct dereference of a NULL pointer (a variable initialized to NULL) leads to a crash when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup. | |||||
| CVE-2019-17064 | 1 Glyphandcog | 1 Xpdfreader | 2019-12-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor. | |||||
| CVE-2019-19037 | 1 Linux | 1 Linux Kernel | 2019-12-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE) can be zero. | |||||
| CVE-2012-5640 | 1 Acme | 1 Thttpd | 2019-12-04 | 2.1 LOW | 5.5 MEDIUM |
| thttpd has a local DoS vulnerability via specially-crafted .htpasswd files | |||||
| CVE-2017-17127 | 1 Libav | 1 Libav | 2019-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The vc1_decode_frame function in libavcodec/vc1dec.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. | |||||
| CVE-2019-19011 | 1 Ngiflib Project | 1 Ngiflib | 2019-11-19 | 5.0 MEDIUM | 7.5 HIGH |
| MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette. | |||||