Total
3852 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-4900 | 1 Vmware | 2 Workstation Player, Workstation Pro | 2025-04-20 | 2.1 LOW | 5.5 MEDIUM |
| VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs. | |||||
| CVE-2017-17465 | 1 K7computing | 1 Antivirus | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002574 DeviceIoControl request. | |||||
| CVE-2017-6845 | 1 Podofo Project | 1 Podofo | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | |||||
| CVE-2017-5969 | 1 Xmlsoft | 1 Libxml2 | 2025-04-20 | 2.6 LOW | 4.7 MEDIUM |
| ** DISPUTED ** libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser." | |||||
| CVE-2017-15096 | 1 Gluster | 1 Glusterfs | 2025-04-20 | 2.1 LOW | 3.3 LOW |
| A flaw was found in GlusterFS in versions prior to 3.10. A null pointer dereference in send_brick_req function in glusterfsd/src/gf_attach.c may be used to cause denial of service. | |||||
| CVE-2017-12922 | 1 Libfpx Project | 1 Libfpx | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| wchar.c in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image. | |||||
| CVE-2017-5665 | 1 Libmp3splt Project | 1 Libmp3splt | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The splt_cue_export_to_file function in cue.c in libmp3splt 0.9.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. | |||||
| CVE-2017-0016 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more | 2025-04-20 | 7.1 HIGH | 5.9 MEDIUM |
| Microsoft Windows 10 Gold, 1511, and 1607; Windows 8.1; Windows RT 8.1; Windows Server 2012 R2, and Windows Server 2016 do not properly handle certain requests in SMBv2 and SMBv3 packets, which allows remote attackers to execute arbitrary code via a crafted SMBv2 or SMBv3 packet to the Server service, aka "SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability." | |||||
| CVE-2016-4678 | 1 Apple | 1 Mac Os X | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "AppleSMC" component. It allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. | |||||
| CVE-2016-5870 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| The msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c in the ipc_router component for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact by triggering failure of an accept system call for an AF_MSM_IPC socket. | |||||
| CVE-2017-16948 | 1 Tgsoft | 1 Vir.it Explorer | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730008 DeviceIoControl request to \\.\Viragtlt. | |||||
| CVE-2017-11096 | 1 Swftools | 1 Swftools | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_DeleteFilter() function in lib/modules/swffilter.c. | |||||
| CVE-2017-5854 | 1 Podofo Project | 1 Podofo | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. | |||||
| CVE-2017-11124 | 1 Xar Project | 1 Xar | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c. | |||||
| CVE-2017-12192 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 4.9 MEDIUM | 5.5 MEDIUM |
| The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of service (OOPS and system crash) via a crafted KEYCTL_READ operation. | |||||
| CVE-2017-10965 | 1 Irssi | 1 Irssi | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer. | |||||
| CVE-2016-10087 | 1 Libpng | 1 Libpng | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure. | |||||
| CVE-2017-15286 | 1 Sqlite | 1 Sqlite | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized. | |||||
| CVE-2016-10220 | 1 Artifex | 1 Ghostscript | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file that is mishandled in the PDF Transparency module. | |||||
| CVE-2017-15022 | 1 Gnu | 1 Binutils | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of service (bfd_hash_hash NULL pointer dereference, or out-of-bounds access, and application crash) via a crafted ELF file, related to scan_unit_for_symbols and parse_comp_unit. | |||||