Total
3510 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-8572 | 1 Apple | 1 Airport Base Station Firmware | 2020-10-30 | 7.5 HIGH | 9.8 CRITICAL |
| A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution. | |||||
| CVE-2019-8588 | 1 Apple | 1 Airport Base Station Firmware | 2020-10-30 | 7.8 HIGH | 7.5 HIGH |
| A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause a system denial of service. | |||||
| CVE-2017-9250 | 1 Jerryscript | 1 Jerryscript | 2020-10-28 | 5.0 MEDIUM | 7.5 HIGH |
| The lexer_process_char_literal function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed JavaScript source code, related to the jmem_heap_free_block function. | |||||
| CVE-2018-1000179 | 2 Debian, Quassel-irc | 2 Debian Linux, Quassel | 2020-10-26 | 5.0 MEDIUM | 7.5 HIGH |
| A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login &msg) coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service. | |||||
| CVE-2020-25858 | 1 Qualcomm | 1 Qualcomm Mobile Access Point | 2020-10-26 | 5.0 MEDIUM | 7.5 HIGH |
| The QCMAP_Web_CLIENT binary in the Qualcomm QCMAP software suite prior to versions released in October 2020 does not validate the return value of a strstr() or strchr() call in the Tokenizer() function. An attacker who invokes the web interface with a crafted URL can crash the process, causing denial of service. This version of QCMAP is used in many kinds of networking devices, primarily mobile hotspots and LTE routers. | |||||
| CVE-2018-20024 | 3 Canonical, Debian, Libvnc Project | 3 Ubuntu Linux, Debian Linux, Libvncserver | 2020-10-23 | 5.0 MEDIUM | 7.5 HIGH |
| LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS. | |||||
| CVE-2018-10322 | 2 Linux, Redhat | 5 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux Server and 2 more | 2020-10-16 | 4.9 MEDIUM | 5.5 MEDIUM |
| The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image. | |||||
| CVE-2017-6415 | 1 Radare | 1 Radare2 | 2020-10-15 | 4.3 MEDIUM | 5.5 MEDIUM |
| The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file. | |||||
| CVE-2020-25741 | 1 Qemu | 1 Qemu | 2020-10-14 | 2.1 LOW | 3.2 LOW |
| fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive. | |||||
| CVE-2020-5989 | 1 Nvidia | 1 Virtual Gpu Manager | 2020-10-13 | 2.1 LOW | 5.5 MEDIUM |
| NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0. | |||||
| CVE-2019-15258 | 1 Cisco | 4 Spa112, Spa112 Firmware, Spa122 and 1 more | 2020-10-09 | 6.8 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper validation of user-supplied requests to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to cause the device to stop responding, requiring manual intervention for recovery. | |||||
| CVE-2020-25742 | 1 Qemu | 1 Qemu | 2020-10-07 | 2.1 LOW | 3.2 LOW |
| pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer. | |||||
| CVE-2020-25743 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack Platform | 2020-10-07 | 2.1 LOW | 3.2 LOW |
| hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call. | |||||
| CVE-2011-1752 | 5 Apache, Apple, Canonical and 2 more | 5 Subversion, Mac Os X, Ubuntu Linux and 2 more | 2020-10-05 | 5.0 MEDIUM | N/A |
| The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011. | |||||
| CVE-2020-26536 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2020-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Foxit Reader and PhantomPDF before 10.1. There is a NULL pointer dereference via a crafted PDF document. | |||||
| CVE-2017-9124 | 1 Libquicktime | 1 Libquicktime | 2020-09-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| The quicktime_match_32 function in util.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file. | |||||
| CVE-2019-12109 | 1 Miniupnp Project | 1 Miniupnpd | 2020-09-28 | 5.0 MEDIUM | 7.5 HIGH |
| A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port. | |||||
| CVE-2019-12111 | 2 Debian, Miniupnp Project | 2 Debian Linux, Miniupnpd | 2020-09-28 | 5.0 MEDIUM | 7.5 HIGH |
| A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c. | |||||
| CVE-2019-12108 | 1 Miniupnp Project | 1 Miniupnpd | 2020-09-28 | 5.0 MEDIUM | 7.5 HIGH |
| A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port. | |||||
| CVE-2019-12110 | 1 Miniupnp.free | 1 Miniupnpd | 2020-09-28 | 5.0 MEDIUM | 7.5 HIGH |
| An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c. | |||||