Total
2549 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-15096 | 1 Gluster | 1 Glusterfs | 2023-02-12 | 2.1 LOW | 3.3 LOW |
| A flaw was found in GlusterFS in versions prior to 3.10. A null pointer dereference in send_brick_req function in glusterfsd/src/gf_attach.c may be used to cause denial of service. | |||||
| CVE-2017-12193 | 1 Linux | 1 Linux Kernel | 2023-02-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations. | |||||
| CVE-2017-12192 | 1 Linux | 1 Linux Kernel | 2023-02-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of service (OOPS and system crash) via a crafted KEYCTL_READ operation. | |||||
| CVE-2016-9572 | 2 Debian, Uclouvain | 2 Debian Linux, Openjpeg | 2023-02-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image. | |||||
| CVE-2016-8646 | 1 Linux | 1 Linux Kernel | 2023-02-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data. | |||||
| CVE-2016-8630 | 1 Linux | 1 Linux Kernel | 2023-02-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| The x86_decode_insn function in arch/x86/kvm/emulate.c in the Linux kernel before 4.8.7, when KVM is enabled, allows local users to cause a denial of service (host OS crash) via a certain use of a ModR/M byte in an undefined instruction. | |||||
| CVE-2016-6327 | 1 Linux | 1 Linux Kernel | 2023-02-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORT_TASK command to abort a device write operation. | |||||
| CVE-2016-5391 | 2 Fedoraproject, Libreswan | 2 Fedora, Libreswan | 2023-02-12 | 5.0 MEDIUM | 7.5 HIGH |
| libreswan before 3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto daemon restart). | |||||
| CVE-2016-3070 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2023-02-12 | 4.6 MEDIUM | 7.8 HIGH |
| The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by triggering a certain page move. | |||||
| CVE-2016-10147 | 1 Linux | 1 Linux Kernel | 2023-02-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm, as demonstrated by mcryptd(md5). | |||||
| CVE-2022-2832 | 1 Blender | 1 Blender | 2023-02-12 | N/A | 7.5 HIGH |
| A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to loss of confidentiality and integrity. | |||||
| CVE-2022-0168 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2023-02-12 | N/A | 4.4 MEDIUM |
| A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system. | |||||
| CVE-2021-20196 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2023-02-12 | 2.1 LOW | 6.5 MEDIUM |
| A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2019-13590 | 1 Sound Exchange Project | 1 Sound Exchange | 2023-02-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h (startread function), there is an integer overflow on the result of integer addition (wraparound to 0) fed into the lsx_calloc macro that wraps malloc. When a NULL pointer is returned, it is used without a prior check that it is a valid pointer, leading to a NULL pointer dereference on lsx_readbuf in formats_i.c. | |||||
| CVE-2023-23087 | 1 Mojojson Project | 1 Mojojson | 2023-02-10 | N/A | 9.8 CRITICAL |
| An issue was found in MojoJson v1.2.3 allows attackers to execute arbitary code via the destroy function. | |||||
| CVE-2017-18079 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2023-02-07 | 7.2 HIGH | 7.8 HIGH |
| drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated. | |||||
| CVE-2022-43588 | 1 Callback | 1 Cbfs Filter | 2023-02-07 | N/A | 5.5 MEDIUM |
| A null pointer dereference vulnerability exists in the handle_ioctl_83150 functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet (IRP) can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability. | |||||
| CVE-2022-43589 | 1 Callback | 1 Cbfs Filter | 2023-02-07 | N/A | 5.5 MEDIUM |
| A null pointer dereference vulnerability exists in the handle_ioctl_8314C functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet (IRP) can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability. | |||||
| CVE-2022-43590 | 1 Callback | 1 Cbfs Filter | 2023-02-07 | N/A | 5.5 MEDIUM |
| A null pointer dereference vulnerability exists in the handle_ioctl_0x830a0_systembuffer functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet (IRP) can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability. | |||||
| CVE-2021-3322 | 1 Zephyrproject | 1 Zephyr | 2023-02-06 | 3.3 LOW | 6.5 MEDIUM |
| Unexpected Pointer Aliasing in IEEE 802154 Fragment Reassembly in Zephyr. Zephyr versions >= >=2.4.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p86r-gc4r-4mq3 | |||||