Total
2089 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5668 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2019-04-18 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSubmitCommandVirtual in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to denial of service or escalation of privileges. | |||||
| CVE-2018-19217 | 1 Gnu | 1 Ncurses | 2019-04-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| ** DISPUTED ** In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function _nc_name_match that will lead to a denial of service attack. NOTE: the original report stated version 6.1, but the issue did not reproduce for that version according to the maintainer or a reliable third-party. | |||||
| CVE-2018-11904 | 1 Google | 1 Android | 2019-04-18 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, asynchronous callbacks received a pointer to a callers local variable. Should the caller return early (e.g., timeout), the callback will dereference an invalid pointer. | |||||
| CVE-2018-6951 | 2 Canonical, Gnu | 2 Ubuntu Linux, Patch | 2019-04-17 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue. | |||||
| CVE-2017-15016 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-04-16 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c. | |||||
| CVE-2018-17000 | 3 Canonical, Debian, Libtiff | 3 Ubuntu Linux, Debian Linux, Libtiff | 2019-04-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp. | |||||
| CVE-2018-19210 | 3 Canonical, Debian, Libtiff | 3 Ubuntu Linux, Debian Linux, Libtiff | 2019-04-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset. | |||||
| CVE-2018-6197 | 2 Canonical, W3m Project | 2 Ubuntu Linux, W3m | 2019-04-04 | 5.0 MEDIUM | 7.5 HIGH |
| w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c. | |||||
| CVE-2018-4276 | 1 Apple | 1 Mac Os X | 2019-04-04 | 5.0 MEDIUM | 7.5 HIGH |
| A null pointer dereference was addressed with improved validation. This issue affected versions prior to macOS High Sierra 10.13.6. | |||||
| CVE-2019-9199 | 2 Fedoraproject, Podofo Project | 2 Fedora, Podofo | 2019-04-03 | 6.8 MEDIUM | 8.8 HIGH |
| PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
| CVE-2018-14616 | 1 Linux | 1 Linux Kernel | 2019-04-02 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference in fscrypt_do_page_crypto() in fs/crypto/crypto.c when operating on a file in a corrupted f2fs image. | |||||
| CVE-2018-14614 | 1 Linux | 1 Linux Kernel | 2019-04-02 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is an out-of-bounds access in __remove_dirty_segment() in fs/f2fs/segment.c when mounting an f2fs image. | |||||
| CVE-2017-1000460 | 3 Ffmpeg, Google, Libav | 3 Ffmpeg, Chrome, Libav | 2019-03-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception. | |||||
| CVE-2018-5801 | 4 Canonical, Debian, Libraw and 1 more | 6 Ubuntu Linux, Debian Linux, Libraw and 3 more | 2019-03-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference. | |||||
| CVE-2017-14228 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2019-03-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function paste_tokens() in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service. | |||||
| CVE-2015-4047 | 5 Canonical, Debian, F5 and 2 more | 25 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 22 more | 2019-03-27 | 7.8 HIGH | N/A |
| racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests. | |||||
| CVE-2018-7492 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2019-03-26 | 4.9 MEDIUM | 5.5 MEDIUM |
| A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST. | |||||
| CVE-2019-10022 | 1 Xpdfreader | 1 Xpdf | 2019-03-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc. | |||||
| CVE-2016-1803 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-03-25 | 6.8 MEDIUM | 7.8 HIGH |
| CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. | |||||
| CVE-2016-1814 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app. | |||||