Total
2549 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-20216 | 1 Mikrotik | 1 Routeros | 2021-07-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/graphing process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | |||||
| CVE-2021-1075 | 1 Nvidia | 1 Gpu Display Driver | 2021-06-30 | 5.6 MEDIUM | 7.3 HIGH |
| NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the program dereferences a pointer that contains a location for memory that is no longer valid, which may lead to code execution, denial of service, or escalation of privileges. Attacker does not have any control over the information and may conduct limited data modification. | |||||
| CVE-2021-33572 | 1 F-secure | 4 Cloud Protection For Salesforce, Elements For Microsoft 365, Endpoint Protection and 1 more | 2021-06-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Linux Security whereby the FSAVD component used in certain F-Secure products can crash while scanning larger packages/fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine. | |||||
| CVE-2021-0555 | 1 Google | 1 Android | 2021-06-24 | 5.0 MEDIUM | 7.5 HIGH |
| In RenderStruct of protostream_objectsource.cc, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-179161711 | |||||
| CVE-2014-0190 | 4 Canonical, Fedoraproject, Opensuse and 1 more | 4 Ubuntu Linux, Fedora, Opensuse and 1 more | 2021-06-16 | 4.3 MEDIUM | N/A |
| The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image. | |||||
| CVE-2019-18885 | 1 Linux | 1 Linux Kernel | 2021-06-14 | 2.1 LOW | 5.5 MEDIUM |
| fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_devices->devices is mishandled within find_device, aka CID-09ba3bc9dd15. | |||||
| CVE-2018-14613 | 1 Linux | 1 Linux Kernel | 2021-06-14 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c. | |||||
| CVE-2019-14584 | 1 Tianocore | 1 Edk2 | 2021-06-11 | 4.6 MEDIUM | 7.8 HIGH |
| Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-17539 | 3 Canonical, Debian, Ffmpeg | 3 Ubuntu Linux, Debian Linux, Ffmpeg | 2021-06-10 | 7.5 HIGH | 9.8 CRITICAL |
| In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer. | |||||
| CVE-2021-30500 | 3 Fedoraproject, Redhat, Upx Project | 3 Fedora, Enterprise Linux, Upx | 2021-06-08 | 6.8 MEDIUM | 7.8 HIGH |
| Null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp,in version UPX 4.0.0. That allow attackers to execute arbitrary code and cause a denial of service via a crafted file. | |||||
| CVE-2020-18395 | 1 Gnu | 1 Gama | 2021-06-01 | 5.0 MEDIUM | 7.5 HIGH |
| A NULL-pointer deference issue was discovered in GNU_gama::set() in ellipsoid.h in Gama 2.04 which can lead to a denial of service (DOS) via segment faults caused by crafted inputs. | |||||
| CVE-2020-10066 | 1 Zephyrproject | 1 Zephyr | 2021-05-27 | 3.3 LOW | 5.7 MEDIUM |
| Incorrect Error Handling in Bluetooth HCI core. Zephyr versions >= v1.14.2, >= v2.2.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gc66-xfrc-24qr | |||||
| CVE-2021-3320 | 1 Zephyrproject | 1 Zephyr | 2021-05-27 | 5.0 MEDIUM | 7.5 HIGH |
| Type Confusion in 802154 ACK Frames Handling. Zephyr versions >= v2.4.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-27r3-rxch-2hm7 | |||||
| CVE-2021-28683 | 1 Envoyproxy | 1 Envoy | 2021-05-27 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable NULL pointer dereference and crash in TLS when an unknown TLS alert code is received. | |||||
| CVE-2020-21815 | 1 Gnu | 1 Libredwg | 2021-05-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114, which causes a denial of service (application crash). | |||||
| CVE-2020-21817 | 1 Gnu | 1 Libredwg | 2021-05-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A null pointer dereference issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:29. which causes a denial of service (application crash). | |||||
| CVE-2020-20222 | 1 Mikrotik | 1 Routeros | 2021-05-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | |||||
| CVE-2021-25693 | 1 Teradici | 1 Pcoip Agent | 2021-05-21 | 5.0 MEDIUM | 7.5 HIGH |
| An attacker may cause a Denial of Service (DoS) in multiple versions of Teradici PCoIP Agent via a null pointer dereference. | |||||
| CVE-2020-21835 | 1 Gnu | 1 Libredwg | 2021-05-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337. | |||||
| CVE-2021-29565 | 1 Google | 1 Tensorflow | 2021-05-20 | 2.1 LOW | 5.5 MEDIUM |
| TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of `tf.raw_ops.SparseFillEmptyRows`. This is because of missing validation(https://github.com/tensorflow/tensorflow/blob/fdc82089d206e281c628a93771336bf87863d5e8/tensorflow/core/kernels/sparse_fill_empty_rows_op.cc#L230-L231) that was covered under a `TODO`. If the `dense_shape` tensor is empty, then `dense_shape_t.vec<>()` would cause a null pointer dereference in the implementation of the op. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range. | |||||