Total
3875 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-16647 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.2 HIGH | 6.6 MEDIUM |
| drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device. | |||||
| CVE-2017-17049 | 1 Tgsoft | 1 Vir.it Explorer | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730010 DeviceIoControl request to \\.\Viragtlt. | |||||
| CVE-2017-14505 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input. | |||||
| CVE-2017-12719 | 1 Advantech | 1 Webaccess | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A remote attacker is able to execute code to dereference a pointer within the program causing the application to become unavailable. | |||||
| CVE-2017-8536 | 1 Microsoft | 13 Endpoint Protection, Exchange Server, Forefront Endpoint Protection and 10 more | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8537, CVE-2017-8539, and CVE-2017-8542. | |||||
| CVE-2017-7507 | 1 Gnu | 1 Gnutls | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application. | |||||
| CVE-2017-12950 | 1 Linuxsampler | 1 Libgig | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| The gig::Region::Region function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file. | |||||
| CVE-2017-6849 | 1 Podofo Project | 1 Podofo | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | |||||
| CVE-2017-7659 | 1 Apache | 1 Http Server | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| A maliciously constructed HTTP/2 request could cause mod_http2 in Apache HTTP Server 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process. | |||||
| CVE-2017-3169 | 1 Apache | 1 Http Server | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port. | |||||
| CVE-2017-14975 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an attacker to launch a denial of service attack. | |||||
| CVE-2016-10209 | 1 Libarchive | 1 Libarchive | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file. | |||||
| CVE-2016-8723 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Any HTTP GET request not preceded by an '/' will cause a segmentation fault in the web server. An attacker can send any of a multitude of potentially unexpected HTTP get requests to trigger this vulnerability. | |||||
| CVE-2017-6899 | 1 Lineageos | 1 Lineageos | 2025-04-20 | 4.9 MEDIUM | 6.2 MEDIUM |
| The msm_bus_dbg_update_request_write function in drivers/platform/msm/msm_bus/msm_bus_dbg.c in android_kernel_huawei_msm8916 through 2017-06-16 in LineageOS, and possibly other kernels for MSM devices, allows attackers to cause a denial of service (NULL pointer dereference and device crash) via a crafted /sys/kernel/debug/msm-bus-dbg/client-data/update-request write request. | |||||
| CVE-2017-7502 | 1 Mozilla | 1 Network Security Services | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker. | |||||
| CVE-2015-9073 | 1 Google | 1 Android | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall. | |||||
| CVE-2016-4912 | 1 Openslp | 1 Openslp | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a large number of crafted packets, which triggers a memory allocation failure. | |||||
| CVE-2017-9988 | 2 Debian, Libming | 2 Debian Linux, Libming | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack against parser.c. | |||||
| CVE-2017-8395 | 1 Gnu | 1 Binutils | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8 because of missing a malloc() return-value check to see if memory had actually been allocated in the _bfd_generic_get_section_contents function. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy, to crash. | |||||
| CVE-2017-7383 | 1 Podofo Project | 1 Podofo | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | |||||