Total
2549 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-20252 | 1 Mikrotik | 1 Routeros | 2022-06-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | |||||
| CVE-2020-20250 | 1 Mikrotik | 1 Routeros | 2022-06-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). NOTE: this is different from CVE-2020-20253 and CVE-2020-20254. All four vulnerabilities in the /nova/bin/lcdstat process are discussed in the CVE-2020-20250 github.com/cq674350529 reference. | |||||
| CVE-2019-5054 | 1 Netgear | 2 Wnr2000, Wnr2000 Firmware | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) HTTP server. An HTTP request with an empty User-Agent string sent to a page requiring authentication can cause a null pointer dereference, resulting in the HTTP service crashing. An unauthenticated attacker can send a specially crafted HTTP request to trigger this vulnerability. | |||||
| CVE-2019-5055 | 1 Netgear | 2 Wnr2000, Wnr2000 Firmware | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon (hostapd) on the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) wireless router. A SOAP request sent in an invalid sequence to the <WFAWLANConfig:1#PutMessage> service can cause a null pointer dereference, resulting in the hostapd service crashing. An unauthenticated attacker can send a specially-crafted SOAP request to trigger this vulnerability. | |||||
| CVE-2022-32230 | 1 Microsoft | 3 Windows 10, Windows 11, Windows Server 2019 | 2022-06-23 | 7.8 HIGH | 7.5 HIGH |
| Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot. | |||||
| CVE-2022-31763 | 1 Huawei | 2 Emui, Harmonyos | 2022-06-18 | 4.9 MEDIUM | 5.5 MEDIUM |
| The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2019-12259 | 4 Belden, Siemens, Sonicwall and 1 more | 49 Garrettcom Magnum Dx940e, Garrettcom Magnum Dx940e Firmware, Hirschmann Dragon Mach4000 and 46 more | 2022-06-16 | 5.0 MEDIUM | 7.5 HIGH |
| Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing. | |||||
| CVE-2022-29694 | 1 Unicorn-engine | 1 Unicorn Engine | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| Unicorn Engine v2.0.0-rc7 and below was discovered to contain a NULL pointer dereference via qemu_ram_free. | |||||
| CVE-2022-32201 | 1 Libjpeg Project | 1 Libjpeg | 2022-06-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| In libjpeg 1.63, there is a NULL pointer dereference in Component::SubXOf in component.hpp. | |||||
| CVE-2022-32202 | 1 Libjpeg Project | 1 Libjpeg | 2022-06-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp. | |||||
| CVE-2022-29788 | 1 Libmobi Project | 1 Libmobi | 2022-06-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| libmobi before v0.10 contains a NULL pointer dereference via the component mobi_buffer_getpointer. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted mobi file. | |||||
| CVE-2021-33254 | 2 Embedthis, Linux | 2 Appweb, Linux Kernel | 2022-06-09 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in src/http/httpLib.c in EmbedThis Appweb Community Edition 8.2.1, allows attackers to cause a denial of service via the stream paramter to the parseUri function. | |||||
| CVE-2021-42196 | 1 Swftools | 1 Swftools | 2022-06-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function traits_parse() located in abc.c. It allows an attacker to cause Denial of Service. | |||||
| CVE-2021-42198 | 1 Swftools | 1 Swftools | 2022-06-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause Denial of Service. | |||||
| CVE-2021-42200 | 1 Swftools | 1 Swftools | 2022-06-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function main() located in swfdump.c. It allows an attacker to cause Denial of Service. | |||||
| CVE-2021-42202 | 1 Swftools | 1 Swftools | 2022-06-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_DeleteFilter() located in swffilter.c. It allows an attacker to cause Denial of Service. | |||||
| CVE-2020-13582 | 1 Silabs | 1 Micrium Uc-http | 2022-06-07 | 5.0 MEDIUM | 7.5 HIGH |
| A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2017-2893 | 1 Cesanta | 1 Mongoose | 2022-06-07 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable NULL pointer dereference vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. An MQTT SUBSCRIBE packet can cause a NULL pointer dereference leading to server crash and denial of service. An attacker needs to send a specially crafted MQTT packet over the network to trigger this vulnerability. | |||||
| CVE-2018-4024 | 1 Anker-in | 2 Roav Dashcam A1, Roav Dashcam A1 Firmware | 2022-06-07 | 7.8 HIGH | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the thumbnail display functionality of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a null pointer dereference, resulting in a device reboot. | |||||
| CVE-2021-42733 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2022-06-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Bridge version 11.1.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||