Total
3510 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9040 | 1 Gnu | 1 Binutils | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt. | |||||
| CVE-2017-9347 | 1 Wireshark | 1 Wireshark | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID. | |||||
| CVE-2017-9105 | 2 Fedoraproject, Gnu | 2 Fedora, Adns | 2023-11-07 | 7.5 HIGH | 8.8 HIGH |
| An issue was discovered in adns before 1.5.2. It corrupts a pointer when a nameserver speaks first because of a wrong number of pointer dereferences. This bug may well be exploitable as a remote code execution. | |||||
| CVE-2017-9343 | 1 Wireshark | 1 Wireshark | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-msnip.c by validating an IPv4 address. | |||||
| CVE-2017-5991 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected. | |||||
| CVE-2017-6311 | 2 Fedoraproject, Gnome | 2 Fedora, Gdk-pixbuf | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message. | |||||
| CVE-2017-6298 | 2 Debian, Ytnef Project | 2 Debian Linux, Ytnef | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked." | |||||
| CVE-2017-5023 | 1 Google | 1 Chrome | 2023-11-07 | 4.3 MEDIUM | 4.3 MEDIUM |
| Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page. | |||||
| CVE-2017-3169 | 1 Apache | 1 Http Server | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port. | |||||
| CVE-2017-2635 | 1 Redhat | 1 Libvirt | 2023-11-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could use this flaw to crash libvirtd daemon resulting in denial of service. | |||||
| CVE-2017-18189 | 2 Debian, Sound Exchange Project | 2 Debian Linux, Sound Exchange | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service. | |||||
| CVE-2017-17997 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343. | |||||
| CVE-2017-17555 | 2 Aubio, Ffmpeg | 3 Aubio, Ffmpeg, Libswresample | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file. | |||||
| CVE-2017-17554 | 1 Aubio | 1 Aubio | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file. | |||||
| CVE-2017-17123 | 1 Gnu | 1 Binutils | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| The coff_slurp_reloc_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted COFF based file. | |||||
| CVE-2017-15930 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer. | |||||
| CVE-2017-15939 | 1 Gnu | 1 Binutils | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. NOTE: this issue is caused by an incomplete fix for CVE-2017-15023. | |||||
| CVE-2017-16545 | 1 Graphicsmagick | 1 Graphicsmagick | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via a malformed WPG image. | |||||
| CVE-2017-15023 | 1 Gnu | 1 Binutils | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not properly validate the format count, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. | |||||
| CVE-2017-15022 | 1 Gnu | 1 Binutils | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of service (bfd_hash_hash NULL pointer dereference, or out-of-bounds access, and application crash) via a crafted ELF file, related to scan_unit_for_symbols and parse_comp_unit. | |||||