Total
4319 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-12193 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2025-04-20 | N/A |
| The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations. | ||||
| CVE-2017-0349 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2025-04-20 | N/A |
| All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is not correctly validated before it is dereferenced for a write operation, may lead to denial of service or potential escalation of privileges. | ||||
| CVE-2017-7225 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash. | ||||
| CVE-2017-5855 | 1 Podofo Project | 1 Podofo | 2025-04-20 | N/A |
| The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | ||||
| CVE-2017-5937 | 1 Virglrenderer Project | 1 Virglrenderer | 2025-04-20 | N/A |
| The util_format_is_pure_uint function in vrend_renderer.c in Virgil 3d project (aka virglrenderer) 0.6.0 and earlier allows local guest OS users to cause a denial of service (NULL pointer dereference) via a crafted VIRGL_CCMD_CLEAR command. | ||||
| CVE-2017-5854 | 1 Podofo Project | 1 Podofo | 2025-04-20 | N/A |
| base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. | ||||
| CVE-2017-7209 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash. | ||||
| CVE-2017-5851 | 1 Mp3splt Project | 1 Mp3splt | 2025-04-20 | N/A |
| The free_options function in options_manager.c in mp3splt 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. NOTE: this typically has no risk; this crash of this command-line program has no further consequences for availability. | ||||
| CVE-2017-5668 | 1 Bitlbee | 2 Bitlbee, Bitlbee-libpurple | 2025-04-20 | N/A |
| bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-10189. | ||||
| CVE-2017-0546 | 1 Google | 1 Android | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in SurfaceFlinger could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32628763. | ||||
| CVE-2017-5665 | 1 Libmp3splt Project | 1 Libmp3splt | 2025-04-20 | N/A |
| The splt_cue_export_to_file function in cue.c in libmp3splt 0.9.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. | ||||
| CVE-2017-5625 | 1 Oneplus | 3 Oneplus 3, Oneplus 3t, Oxygenos | 2025-04-20 | N/A |
| In OxygenOS before 4.0.3 on OnePlus 3 and 3T devices, an unauthorized attacker can cause a locked bootloader to partially dump the ciphertext content of an arbitrary partition (except 'keystore') by issuing the 'fastboot oem dump <partition>' fastboot command. | ||||
| CVE-2017-14225 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but callers do not anticipate this, as demonstrated by the avcodec_string function in libavcodec/utils.c, leading to a NULL pointer dereference. (It is also conceivable that there is security relevance for a NULL pointer dereference in av_color_primaries_name calls within the ffprobe command-line program.) | ||||
| CVE-2017-5193 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2025-04-20 | N/A |
| The nickcmp function in Irssi before 0.8.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a message without a nick. | ||||
| CVE-2016-8884 | 3 Fedoraproject, Jasper Project, Redhat | 3 Fedora, Jasper, Enterprise Linux | 2025-04-20 | N/A |
| The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690. | ||||
| CVE-2016-8690 | 3 Fedoraproject, Jasper Project, Redhat | 3 Fedora, Jasper, Enterprise Linux | 2025-04-20 | N/A |
| The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command. | ||||
| CVE-2017-5023 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2025-04-20 | N/A |
| Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page. | ||||
| CVE-2017-4900 | 1 Vmware | 2 Workstation Player, Workstation Pro | 2025-04-20 | N/A |
| VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs. | ||||
| CVE-2016-9448 | 2 Libtiff, Opensuse | 2 Libtiff, Opensuse | 2025-04-20 | N/A |
| The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297. | ||||
| CVE-2016-9813 | 2 Gstreamer, Redhat | 2 Gstreamer, Enterprise Linux | 2025-04-20 | N/A |
| The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. | ||||