Total
5098 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-26713 | 2024-12-19 | 4.4 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2024-45156 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-12-18 | 7.8 High |
| Animate versions 23.0.8, 24.0.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-53952 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-12-18 | 5.5 Medium |
| InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-49554 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-12-18 | 5.5 Medium |
| Media Encoder versions 25.0, 24.6.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-52833 | 1 Adobe | 1 Substance 3d Modeler | 2024-12-18 | 5.5 Medium |
| Substance3D - Modeler versions 1.14.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-12653 | 1 Fabulatech | 1 Usb Over Network | 2024-12-18 | 5.5 Medium |
| A vulnerability classified as problematic has been found in FabulaTech USB over Network 6.0.6.1. Affected is the function 0x22040C in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-12654 | 1 Fabulatech | 1 Usb Over Network | 2024-12-18 | 5.5 Medium |
| A vulnerability classified as problematic was found in FabulaTech USB over Network 6.0.6.1. Affected by this vulnerability is the function 0x220408 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-34719 | 1 Google | 1 Android | 2024-12-17 | 8.4 High |
| In multiple locations, there is a possible permissions bypass due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-0035 | 1 Google | 1 Android | 2024-12-16 | 7.8 High |
| In onNullBinding of TileLifecycleManager.java, there is a possible way to launch an activity from the background due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-44853 | 1 Openrobotics | 1 Robot Operating System | 2024-12-13 | 7.5 High |
| Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component computeControl(). | ||||
| CVE-2024-44854 | 1 Openrobotics | 1 Robot Operating System | 2024-12-13 | 7.5 High |
| Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component smoothPlan(). | ||||
| CVE-2024-44855 | 1 Openrobotics | 1 Robot Operating System | 2024-12-13 | 7.5 High |
| Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component nav2_navfn_planner(). | ||||
| CVE-2024-44856 | 1 Openrobotics | 1 Robot Operating System | 2024-12-13 | 7.5 High |
| Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component nav2_smac_planner(). | ||||
| CVE-2024-53006 | 1 Adobe | 1 Substance 3d Modeler | 2024-12-13 | 5.5 Medium |
| Substance3D - Modeler versions 1.14.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-42058 | 1 Zyxel | 36 Atp100, Atp100 Firmware, Atp100w and 33 more | 2024-12-13 | 7.5 High |
| A null pointer dereference vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V5.20 through V5.38, and USG20(W)-VPN series firmware versions from V5.20 through V5.38 could allow an unauthenticated attacker to cause DoS conditions by sending crafted packets to a vulnerable device. | ||||
| CVE-2024-41836 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-12-12 | 5.5 Medium |
| InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. An attacker could exploit this vulnerability to crash the application, resulting in a DoS. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-54106 | 1 Huawei | 1 Harmonyos | 2024-12-12 | 7.1 High |
| Null pointer dereference vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2024-21763 | 1 F5 | 2 Big-ip, Big-ip Advanced Firewall Manager | 2024-12-12 | 7.5 High |
| When BIG-IP AFM Device DoS or DoS profile is configured with NXDOMAIN attack vector and bad actor detection, undisclosed queries can cause the Traffic Management Microkernel (TMM) to terminate. NOTE: Software versions which have reached End of Technical Support (EoTS) are not evaluated | ||||
| CVE-2024-23308 | 1 F5 | 2 Big-ip Advanced Web Application Firewall, Big-ip Application Security Manager | 2024-12-12 | 7.5 High |
| When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based Content Profile for an Allowed URL with "Apply value and content signatures and detect threat campaigns." Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | ||||
| CVE-2024-12002 | 1 Tenda | 8 Fh1201, Fh1201 Firmware, Fh1202 and 5 more | 2024-12-10 | 4.3 Medium |
| A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||