Total
3510 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-41787 | 1 F5 | 2 Big-ip Domain Name System, Big-ip Local Traffic Manager | 2022-10-24 | N/A | 7.5 HIGH |
| In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when DNS profile is configured on a virtual server with DNS Express enabled, undisclosed DNS queries with DNSSEC can cause TMM to terminate. | |||||
| CVE-2022-22232 | 1 Juniper | 29 Junos, Srx100, Srx110 and 26 more | 2022-10-21 | N/A | 7.5 HIGH |
| A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On SRX Series If Unified Threat Management (UTM) Enhanced Content Filtering (CF) is enabled and specific transit traffic is processed the PFE will crash and restart. This issue affects Juniper Networks Junos OS: 21.4 versions prior to 21.4R1-S2, 21.4R2 on SRX Series; 22.1 versions prior to 22.1R1-S1, 22.1R2 on SRX Series. This issue does not affect Juniper Networks Junos OS versions prior to 21.4R1. | |||||
| CVE-2022-35691 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2022-10-19 | N/A | 5.5 MEDIUM |
| Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36613 | 1 Mikrotik | 1 Routeros | 2022-10-18 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | |||||
| CVE-2021-36614 | 1 Mikrotik | 1 Routeros | 2022-10-18 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | |||||
| CVE-2022-41602 | 1 Huawei | 2 Emui, Harmonyos | 2022-10-15 | N/A | 3.4 LOW |
| The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | |||||
| CVE-2019-20163 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2022-10-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function gf_odf_avc_cfg_write_bs() in odf/descriptors.c. | |||||
| CVE-2019-20165 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2022-10-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function ilst_item_Read() in isomedia/box_code_apple.c. | |||||
| CVE-2019-9213 | 5 Canonical, Debian, Linux and 2 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2022-10-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task. | |||||
| CVE-2020-25692 | 3 Netapp, Openldap, Redhat | 5 Cloud Backup, Solidfire Baseboard Management Controller, Solidfire Baseboard Management Controller Firmware and 2 more | 2022-10-12 | 5.0 MEDIUM | 7.5 HIGH |
| A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service. | |||||
| CVE-2022-31681 | 1 Vmware | 2 Cloud Foundation, Esxi | 2022-10-11 | N/A | 6.5 MEDIUM |
| VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host. | |||||
| CVE-2019-11338 | 4 Canonical, Debian, Ffmpeg and 1 more | 4 Ubuntu Linux, Debian Linux, Ffmpeg and 1 more | 2022-10-07 | 6.8 MEDIUM | 8.8 HIGH |
| libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data. | |||||
| CVE-2020-18730 | 1 Iec104 Project | 1 Iec104 | 2022-10-05 | 5.0 MEDIUM | 7.5 HIGH |
| A segmentation violation in the Iec104_Deal_I function of IEC104 v1.0 allows attackers to cause a denial of service (DOS). | |||||
| CVE-2020-18731 | 1 Iec104 Project | 1 Iec104 | 2022-10-05 | 5.0 MEDIUM | 7.5 HIGH |
| A segmentation violation in the Iec104_Deal_FirmUpdate function of IEC104 v1.0 allows attackers to cause a denial of service (DOS). | |||||
| CVE-2022-42306 | 1 Veritas | 1 Netbackup | 2022-10-04 | N/A | 5.5 MEDIUM |
| An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can send a crafted packet to pbx_exchange during registration and cause a NULL pointer exception, effectively crashing the pbx_exchange process. | |||||
| CVE-2014-2497 | 6 Canonical, Debian, Oracle and 3 more | 12 Ubuntu Linux, Debian Linux, Solaris and 9 more | 2022-09-28 | 4.3 MEDIUM | N/A |
| The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file. | |||||
| CVE-2021-4145 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2022-09-28 | 4.9 MEDIUM | 6.5 MEDIUM |
| A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0. The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host when writing data reaches the threshold of mirroring node. | |||||
| CVE-2022-2973 | 1 Mz-automation | 1 Libiec61850 | 2022-09-26 | N/A | 7.5 HIGH |
| MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) uses a NULL pointer in certain situations. which could allow an attacker to crash the server. | |||||
| CVE-2020-15469 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2022-09-23 | 2.1 LOW | 2.3 LOW |
| In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference. | |||||
| CVE-2020-35505 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2022-09-22 | 2.1 LOW | 4.4 MEDIUM |
| A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | |||||