Total
5067 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-4925 | 2 Apple, Vmware | 5 Mac Os X, Esxi, Fusion and 2 more | 2025-04-20 | 5.5 Medium |
| VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC requests. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs. | ||||
| CVE-2017-15565 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2025-04-20 | N/A |
| In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document. | ||||
| CVE-2016-10087 | 1 Libpng | 1 Libpng | 2025-04-20 | N/A |
| The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure. | ||||
| CVE-2014-3164 | 1 Google | 1 Android | 2025-04-20 | N/A |
| cmds/servicemanager/service_manager.c in Android before commit 7d42a3c31ba78a418f9bdde0e0ab951469f321b5 allows attackers to cause a denial of service (NULL pointer dereference, or out-of-bounds write) via vectors related to binder passed lengths. | ||||
| CVE-2017-7659 | 2 Apache, Redhat | 2 Http Server, Rhel Software Collections | 2025-04-20 | N/A |
| A maliciously constructed HTTP/2 request could cause mod_http2 in Apache HTTP Server 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process. | ||||
| CVE-2017-7522 | 1 Openvpn | 1 Openvpn | 2025-04-20 | N/A |
| OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character. | ||||
| CVE-2016-10162 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2025-04-20 | N/A |
| The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an inapplicable class name in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call. | ||||
| CVE-2017-14940 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file. | ||||
| CVE-2017-7381 | 1 Podofo Project | 1 Podofo | 2025-04-20 | N/A |
| The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | ||||
| CVE-2015-9026 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | ||||
| CVE-2015-9027 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | ||||
| CVE-2017-5149 | 1 Abbott | 3 Merlin\@home Ex1100, Merlin\@home Ex1150, Merlin\@home Firmware | 2025-04-20 | 8.9 High |
| An issue was discovered in St. Jude Medical Merlin@home, versions prior to Version 8.2.2 (RF models: EX1150; Inductive models: EX1100; and Inductive models: EX1100 with MerlinOnDemand capability). The identities of the endpoints for the communication channel between the transmitter and St. Jude Medical's web site, Merlin.net, are not verified. This may allow a man-in-the-middle attacker to access or influence communications between the identified endpoints. | ||||
| CVE-2017-7511 | 1 Freedesktop | 1 Poppler | 2025-04-20 | N/A |
| poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents. | ||||
| CVE-2015-9054 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced during GAL decoding. | ||||
| CVE-2014-0146 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack | 2025-04-20 | N/A |
| The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields. | ||||
| CVE-2017-5951 | 1 Artifex | 1 Ghostscript | 2025-04-20 | N/A |
| The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. | ||||
| CVE-2017-11590 | 1 Gnome | 1 Libgxps | 2025-04-20 | N/A |
| There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack. | ||||
| CVE-2017-6463 | 2 Ntp, Redhat | 2 Ntp, Enterprise Linux | 2025-04-20 | N/A |
| NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a :config directive, related to the unpeer option. | ||||
| CVE-2017-5854 | 1 Podofo Project | 1 Podofo | 2025-04-20 | N/A |
| base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. | ||||
| CVE-2017-5855 | 1 Podofo Project | 1 Podofo | 2025-04-20 | N/A |
| The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | ||||