Total
2549 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-32440 | 1 Gpac | 1 Gpac | 2021-08-16 | 4.3 MEDIUM | 5.5 MEDIUM |
| The Media_RewriteODFrame function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-32437 | 1 Gpac | 1 Gpac | 2021-08-16 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-35307 | 1 Axiosys | 1 Bento4 | 2021-08-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the AP4_DescriptorFinder::Test component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS). | |||||
| CVE-2021-35306 | 1 Axiosys | 1 Bento4 | 2021-08-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the function AP4_StszAtom::WriteFields located in Ap4StszAtom.cpp. It allows an attacker to cause a denial of service (DOS). | |||||
| CVE-2021-38200 | 1 Linux | 1 Linux Kernel | 2021-08-12 | 2.1 LOW | 5.5 MEDIUM |
| arch/powerpc/perf/core-book3s.c in the Linux kernel before 5.12.13, on systems with perf_event_paranoid=-1 and no specific PMU driver support registered, allows local users to cause a denial of service (perf_instruction_pointer NULL pointer dereference and OOPS) via a "perf record" command. | |||||
| CVE-2021-38206 | 1 Linux | 1 Linux Kernel | 2021-08-12 | 2.1 LOW | 5.5 MEDIUM |
| The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates. | |||||
| CVE-2021-27953 | 1 Ecobee | 2 Ecobee3 Lite, Ecobee3 Lite Firmware | 2021-08-11 | 7.8 HIGH | 7.5 HIGH |
| A NULL pointer dereference vulnerability exists on the ecobee3 lite 4.5.81.200 device in the HomeKit Wireless Access Control setup process. A threat actor can exploit this vulnerability to cause a denial of service, forcing the device to reboot via a crafted HTTP request. | |||||
| CVE-2020-22352 | 1 Gpac | 1 Gpac | 2021-08-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_dash_segmenter_probe_input function in GPAC v0.8 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-36764 | 1 Codesys | 1 Gateway | 2021-08-11 | 5.0 MEDIUM | 7.5 HIGH |
| In CODESYS Gateway V3 before 3.5.17.10, there is a NULL Pointer Dereference. Crafted communication requests may cause a Null pointer dereference in the affected CODESYS products and may result in a denial-of-service condition. | |||||
| CVE-2021-36765 | 1 Codesys | 1 Ethernetip | 2021-08-11 | 5.0 MEDIUM | 7.5 HIGH |
| In CODESYS EtherNetIP before 4.1.0.0, specific EtherNet/IP requests may cause a null pointer dereference in the downloaded vulnerable EtherNet/IP stack that is executed by the CODESYS Control runtime system. | |||||
| CVE-2021-25804 | 1 Videolan | 1 Vlc Media Player | 2021-08-04 | 5.0 MEDIUM | 7.5 HIGH |
| A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service (DOS) in the application. | |||||
| CVE-2021-20596 | 1 Mitsubishielectric | 3 Fx3u-enet-l Firmware, Fx3u-enet-p502 Firmware, Fx3u-enet Firmware | 2021-08-02 | 5.0 MEDIUM | 7.5 HIGH |
| NULL Pointer Dereference in MELSEC-F Series FX3U-ENET firmware version 1.14 and prior, FX3U-ENET-L firmware version 1.14 and prior and FX3U-ENET-P502 firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a DoS condition in communication by sending specially crafted packets. Control by MELSEC-F series PLC is not affected and system reset is required for recovery. | |||||
| CVE-2017-12627 | 1 Apache | 1 Xerces-c\+\+ | 2021-07-31 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache Xerces-C XML Parser library before 3.2.1, processing of external DTD paths can result in a null pointer dereference under certain conditions. | |||||
| CVE-2020-19488 | 1 Gpac | 1 Gpac | 2021-07-31 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in box_code_apple.c:119 in Gpac MP4Box 0.8.0, allows attackers to cause a Denial of Service due to an invalid read on function ilst_item_Read. | |||||
| CVE-2021-1096 | 1 Nvidia | 1 Gpu Display Driver | 2021-07-30 | 4.9 MEDIUM | 5.5 MEDIUM |
| NVIDIA Windows GPU Display Driver for Windows contains a vulnerability in the NVIDIA kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where dereferencing a NULL pointer may lead to a system crash. | |||||
| CVE-2020-19470 | 1 Flowpaper | 1 Pdf2json | 2021-07-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue has been found in function DCTStream::getChar in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to a NULL pointer dereference (invalid read of size 1) . | |||||
| CVE-2020-19468 | 1 Flowpaper | 1 Pdf2json | 2021-07-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue has been found in function EmbedStream::getChar in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to a null pointer derefenrece (invalid read of size 8) . | |||||
| CVE-2021-1103 | 1 Nvidia | 1 Virtual Gpu | 2021-07-27 | 2.1 LOW | 4.4 MEDIUM |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8). | |||||
| CVE-2021-29616 | 1 Google | 1 Tensorflow | 2021-07-26 | 4.6 MEDIUM | 7.8 HIGH |
| TensorFlow is an end-to-end open source platform for machine learning. The implementation of TrySimplify(https://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/grappler/optimizers/arithmetic_optimizer.cc#L390-L401) has undefined behavior due to dereferencing a null pointer in corner cases that result in optimizing a node with no inputs. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range. | |||||
| CVE-2021-29513 | 1 Google | 1 Tensorflow | 2021-07-26 | 4.6 MEDIUM | 7.8 HIGH |
| TensorFlow is an end-to-end open source platform for machine learning. Calling TF operations with tensors of non-numeric types when the operations expect numeric tensors result in null pointer dereferences. The conversion from Python array to C++ array(https://github.com/tensorflow/tensorflow/blob/ff70c47a396ef1e3cb73c90513da4f5cb71bebba/tensorflow/python/lib/core/ndarray_tensor.cc#L113-L169) is vulnerable to a type confusion. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range. | |||||