Total
3902 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-21433 | 1 Qualcomm | 550 215 Mobile, 215 Mobile Firmware, Apq8017 and 547 more | 2025-08-11 | N/A | 6.2 MEDIUM |
| Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. | |||||
| CVE-2025-8735 | 2025-08-08 | 1.7 LOW | 3.3 LOW | ||
| A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-20339 | 1 Cisco | 1 Firepower Threat Defense Software | 2025-08-08 | N/A | 8.6 HIGH |
| A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an issue that occurs when TLS traffic is processed. An attacker could exploit this vulnerability by sending certain TLS traffic over IPv4 through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition and impacting traffic to and through the affected device. | |||||
| CVE-2023-32171 | 1 Unified-automation | 1 Uagateway | 2025-08-08 | N/A | 6.5 MEDIUM |
| Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability. The specific flaw exists within the ImportCsv method. A crafted XML payload can cause a null pointer dereference. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20495. | |||||
| CVE-2020-3999 | 2 Apple, Vmware | 4 Mac Os X, Esxi, Fusion and 1 more | 2025-08-08 | 2.1 LOW | 6.5 MEDIUM |
| VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicious actor with normal user privilege access to a virtual machine can crash the virtual machine's vmx process leading to a denial of service condition. | |||||
| CVE-2022-3109 | 3 Debian, Fedoraproject, Ffmpeg | 3 Debian Linux, Fedora, Ffmpeg | 2025-08-07 | N/A | 7.5 HIGH |
| An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability. | |||||
| CVE-2022-3341 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2025-08-07 | N/A | 5.3 MEDIUM |
| A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an application to crash. | |||||
| CVE-2025-48965 | 1 Arm | 1 Mbed Tls | 2025-08-07 | N/A | 4.0 MEDIUM |
| Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtls_asn1_store_named_data can trigger conflicting data with val.p of NULL but val.len greater than zero. | |||||
| CVE-2019-9923 | 2 Gnu, Opensuse | 2 Tar, Leap | 2025-08-06 | 5.0 MEDIUM | 7.5 HIGH |
| pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers. | |||||
| CVE-2025-30665 | 1 Zoom | 5 Meeting Software Development Kit, Rooms, Rooms Controller and 2 more | 2025-08-05 | N/A | 6.5 MEDIUM |
| NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | |||||
| CVE-2025-30666 | 1 Zoom | 5 Meeting Software Development Kit, Rooms, Rooms Controller and 2 more | 2025-08-05 | N/A | 6.5 MEDIUM |
| NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | |||||
| CVE-2025-41691 | 2025-08-04 | N/A | 7.5 HIGH | ||
| An unauthenticated remote attacker may trigger a NULL pointer dereference in the affected CODESYS Control runtime systems by sending specially crafted communication requests, potentially leading to a denial-of-service (DoS) condition. | |||||
| CVE-2025-6398 | 2025-08-04 | N/A | N/A | ||
| A null pointer dereference vulnerability exists in the IOMap64.sys driver of ASUS AI Suite 3. The vulnerability can be triggered by a specially crafted input, which may lead to a system crash (BSOD). Refer to the ' Security Update for for AI Suite 3 ' section on the ASUS Security Advisory for more information. | |||||
| CVE-2025-49832 | 2025-08-04 | N/A | 6.5 MEDIUM | ||
| Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6, 21.00.0, 22.00.0 through 22.5.0, there is a remote DoS and possible RCE condition in `asterisk/res/res_stir_shaken /verification.c` that can be exploited when an attacker can set an arbitrary Identity header, or STIR/SHAKEN is enabled, with verification set in the SIP profile associated with the endpoint to be attacked. This is fixed in versions 18.26.3, 20.7-cert6, 20.15.1, 21.10.1 and 22.5.1. | |||||
| CVE-2025-30671 | 1 Zoom | 5 Meeting Software Development Kit, Rooms, Rooms Controller and 2 more | 2025-08-01 | N/A | 6.5 MEDIUM |
| Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | |||||
| CVE-2025-30670 | 1 Zoom | 5 Meeting Software Development Kit, Rooms, Rooms Controller and 2 more | 2025-08-01 | N/A | 6.5 MEDIUM |
| Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | |||||
| CVE-2025-8224 | 1 Gnu | 1 Binutils | 2025-08-01 | 1.7 LOW | 3.3 LOW |
| A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfd_elf_get_str_section of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The name of the patch is db856d41004301b3a56438efd957ef5cabb91530. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2025-31181 | 2 Gnuplot, Redhat | 2 Gnuplot, Enterprise Linux | 2025-07-30 | N/A | 6.2 MEDIUM |
| A flaw was found in gnuplot. The X11_graphics() function may lead to a segmentation fault and cause a system crash. | |||||
| CVE-2025-31180 | 2 Gnuplot, Redhat | 2 Gnuplot, Enterprise Linux | 2025-07-30 | N/A | 6.2 MEDIUM |
| A flaw was found in gnuplot. The CANVAS_text() function may lead to a segmentation fault and cause a system crash. | |||||
| CVE-2025-31179 | 2 Gnuplot, Redhat | 2 Gnuplot, Enterprise Linux | 2025-07-30 | N/A | 6.2 MEDIUM |
| A flaw was found in gnuplot. The xstrftime() function may lead to a segmentation fault, causing a system crash. | |||||