Total
2089 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-12779 | 1 Matroska | 1 Mkvalidator | 2017-11-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| The Node_GetData function in corec/corec/node/node.c in mkvalidator 0.5.1 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file. | |||||
| CVE-2017-15306 | 1 Linux | 1 Linux Kernel | 2017-11-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl call to /dev/kvm. | |||||
| CVE-2017-16711 | 1 Swftools | 1 Swftools | 2017-11-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| The swf_DefineLosslessBitsTagToImage function in lib/modules/swfbits.c in SWFTools 0.9.2 mishandles an uncompress failure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) because of extractDefinitions in lib/readers/swf.c and fill_line_bitmap in lib/devices/render.c, as demonstrated by swfrender. | |||||
| CVE-2017-16868 | 1 Swftools | 1 Swftools | 2017-11-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not properly restrict a multiplication within a malloc call, which allows remote attackers to cause a denial of service (integer overflow and NULL pointer dereference) via a crafted WAV file. | |||||
| CVE-2017-12800 | 1 Matroska | 3 Libebml2, Mkclean, Mkvalidator | 2017-11-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| The EBML_FindNextElement function in ebmlmain.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file. | |||||
| CVE-2017-12781 | 1 Matroska | 3 Libebml2, Mkclean, Mkvalidator | 2017-11-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| The EBML_BufferToID function in ebmlelement.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file. | |||||
| CVE-2017-15920 | 1 Watchdogdevelopment | 2 Anti-malware, Online Security Pro | 2017-11-18 | 5.0 MEDIUM | 7.5 HIGH |
| In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002054. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated. | |||||
| CVE-2017-15921 | 1 Watchdogdevelopment | 2 Anti-malware, Online Security Pro | 2017-11-18 | 5.0 MEDIUM | 7.5 HIGH |
| In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002010. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated. | |||||
| CVE-2017-16359 | 1 Radare | 1 Radare2 | 2017-11-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c. | |||||
| CVE-2014-3164 | 1 Google | 1 Android | 2017-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| cmds/servicemanager/service_manager.c in Android before commit 7d42a3c31ba78a418f9bdde0e0ab951469f321b5 allows attackers to cause a denial of service (NULL pointer dereference, or out-of-bounds write) via vectors related to binder passed lengths. | |||||
| CVE-2017-10965 | 1 Irssi | 1 Irssi | 2017-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer. | |||||
| CVE-2016-10189 | 1 Bitlbee | 2 Bitlbee, Bitlbee-libpurple | 2017-11-03 | 5.0 MEDIUM | 7.5 HIGH |
| BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. | |||||
| CVE-2016-7997 | 1 Graphicsmagick | 1 Graphicsmagick | 2017-11-03 | 5.0 MEDIUM | 7.5 HIGH |
| The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer. | |||||
| CVE-2016-10220 | 1 Artifex | 1 Ghostscript | 2017-11-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file that is mishandled in the PDF Transparency module. | |||||
| CVE-2017-14225 | 1 Ffmpeg | 1 Ffmpeg | 2017-11-03 | 6.8 MEDIUM | 8.8 HIGH |
| The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but callers do not anticipate this, as demonstrated by the avcodec_string function in libavcodec/utils.c, leading to a NULL pointer dereference. (It is also conceivable that there is security relevance for a NULL pointer dereference in av_color_primaries_name calls within the ffprobe command-line program.) | |||||
| CVE-2017-5980 | 1 Zziplib Project | 1 Zziplib | 2017-11-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file. | |||||
| CVE-2017-5979 | 1 Zziplib Project | 1 Zziplib | 2017-11-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The prescan_entry function in fseeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file. | |||||
| CVE-2017-5951 | 1 Artifex | 1 Ghostscript | 2017-11-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. | |||||
| CVE-2016-8882 | 1 Jasper Project | 1 Jasper | 2017-11-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. | |||||
| CVE-2015-8272 | 1 Rtmpdump Project | 1 Rtmpdump | 2017-11-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash). | |||||