Total
4853 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-4302 | 1 Apple | 5 Icloud, Iphone Os, Itunes and 2 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.
|
|||||
| CVE-2018-4276 | 1 Apple | 1 Mac Os X | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A null pointer dereference was addressed with improved validation. This issue affected versions prior to macOS High Sierra 10.13.6.
|
|||||
| CVE-2018-4140 | 1 Apple | 1 Iphone Os | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Telephony" component. It allows remote attackers to cause a denial of service (NULL pointer dereference and reboot) via a Class 0 SMS message.
|
|||||
| CVE-2018-4024 | 1 Anker-in | 2 Roav Dashcam A1, Roav Dashcam A1 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
An exploitable denial-of-service vulnerability exists in the thumbnail display functionality of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a null pointer dereference, resulting in a device reboot.
|
|||||
| CVE-2018-3841 | 1 Pixar | 1 Renderman | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6 (0x69). The vulnerability is present in the parsing of a network packet without proper validation of the packet. The data read-in is not validated, and its use can lead to a null pointer dereference. The IT application is opened by a user and then listens for a connection on port 4001. An attacker can deliver an attack once the application has been opened.
|
|||||
| CVE-2018-3840 | 1 Pixar | 1 Renderman | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6 (0x67). The vulnerability is present in the parsing of a network packet without proper validation of the packet. The data read by the application is not validated, and its use can lead to a null pointer dereference. The IT application is opened by a user and then listens for a connection on port 4001. An attacker can deliver an attack once the application has been opened.
|
|||||
| CVE-2018-3592 | 1 Qualcomm | 42 Mdm9206, Mdm9206 Firmware, Mdm9607 and 39 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, added a change to check if the pointer has been reset to NULL or not, before writing to the memory pointed by the pointer.
|
|||||
| CVE-2018-3570 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
In the cpuidle driver in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, the list_for_each macro was not used correctly which could lead to an untrusted pointer dereference.
|
|||||
| CVE-2018-3563 | 1 Google | 1 Android | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, untrusted pointer dereference in apr_cb_func can lead to an arbitrary code execution.
|
|||||
| CVE-2018-2914 | 1 Oracle | 1 Goldengate | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Manager). Supported versions that are affected are 12.1.2.1.0, 12.2.0.2.0 and 12.3.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise Oracle GoldenGate. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle GoldenGate. CVSS 3.0 Base Score 7.5 (Availability i ...
Show More |
|||||
| CVE-2018-2912 | 1 Oracle | 1 Goldengate | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Manager). Supported versions that are affected are 12.1.2.1.0, 12.2.0.2.0 and 12.3.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise Oracle GoldenGate. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle GoldenGate. CVSS 3.0 Base Score 7.5 (Availability i ...
Show More |
|||||
| CVE-2018-2384 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Under certain conditions a malicious user provoking a Null Pointer dereference can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.
|
|||||
| CVE-2018-21236 | 1 Foxitsoftware | 1 Reader | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in Foxit Reader before 2.4.4. It has a NULL pointer dereference.
|
|||||
| CVE-2018-21015 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. There is "cfg_new->AVCLevelIndication = cfg->AVCLevelIndication;" but cfg could be NULL.
|
|||||
| CVE-2018-20786 | 1 Leonerd | 1 Libvterm | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
libvterm through 0+bzr726, as used in Vim and other products, mishandles certain out-of-memory conditions, leading to a denial of service (application crash), related to screen.c, state.c, and vterm.c.
|
|||||
| CVE-2018-20751 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, which causes a NULL pointer dereference.
|
|||||
| CVE-2018-20651 | 1 Gnu | 1 Binutils | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.
|
|||||
| CVE-2018-20537 | 1 Liblas | 1 Liblas | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
There is a NULL pointer dereference at liblas::SpatialReference::GetGTIF() (spatialreference.cpp) in libLAS 1.8.1 that will cause a denial of service.
|
|||||
| CVE-2018-20533 | 2 Canonical, Opensuse | 2 Ubuntu Linux, Libsolv | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.
|
|||||
| CVE-2018-20532 | 2 Canonical, Opensuse | 2 Ubuntu Linux, Libsolv | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.
|
|||||
| CVE-2018-20481 | 3 Canonical, Debian, Freedesktop | 3 Ubuntu Linux, Debian Linux, Poppler | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc.
|
|||||
| CVE-2018-20431 | 2 Debian, Gnu | 2 Debian Linux, Libextractor | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c.
|
|||||
| CVE-2018-20429 | 1 Libming | 1 Libming | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
libming 0.4.8 has a NULL pointer dereference in the getName function of the decompile.c file, a different vulnerability than CVE-2018-7872 and CVE-2018-9165.
|
|||||
| CVE-2018-20428 | 1 Libming | 1 Libming | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
libming 0.4.8 has a NULL pointer dereference in the strlenext function of the decompile.c file, a different vulnerability than CVE-2018-7874.
|
|||||
| CVE-2018-20427 | 1 Libming | 1 Libming | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file, a different vulnerability than CVE-2018-9132.
|
|||||
| CVE-2018-20426 | 1 Libming | 1 Libming | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
libming 0.4.8 has a NULL pointer dereference in the newVar3 function of the decompile.c file, a different vulnerability than CVE-2018-7866.
|
|||||
| CVE-2018-20425 | 1 Libming | 1 Libming | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
libming 0.4.8 has a NULL pointer dereference in the pushdup function of the decompile.c file.
|
|||||
| CVE-2018-20364 | 1 Libraw | 1 Libraw | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.
|
|||||
| CVE-2018-20363 | 1 Libraw | 1 Libraw | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.
|
|||||
| CVE-2018-20362 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash because adding to windowed output is mishandled in the EIGHT_SHORT_SEQUENCE case.
|
|||||
| CVE-2018-20357 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A NULL pointer dereference was discovered in sbr_process_channel of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash.
|
|||||
| CVE-2018-20349 | 1 Igraph | 1 Igraph | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
The igraph_i_strdiff function in igraph_trie.c in igraph through 0.7.1 has an NULL pointer dereference that allows attackers to cause a denial of service (application crash) via a crafted object.
|
|||||
| CVE-2018-20199 | 2 Audiocoding, Debian | 2 Freeware Advanced Audio Decoder 2, Debian Linux | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the ONLY_LONG_SEQUENCE case.
|
|||||
| CVE-2018-20198 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the LONG_START_SEQUENCE case.
|
|||||
| CVE-2018-20195 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A NULL pointer dereference was discovered in ic_predict of libfaad/ic_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
|
|||||
| CVE-2018-20191 | 3 Canonical, Fedoraproject, Qemu | 3 Ubuntu Linux, Fedora, Qemu | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference).
|
|||||
| CVE-2018-20190 | 1 Sass-lang | 1 Libsass | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operator()(Sass::Supports_Operator*) in eval.cpp may cause a Denial of Service (application crash) via a crafted sass input file.
|
|||||
| CVE-2018-20125 | 2 Canonical, Qemu | 2 Ubuntu Linux, Qemu | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings.
|
|||||
| CVE-2018-20024 | 3 Canonical, Debian, Libvnc Project | 3 Ubuntu Linux, Debian Linux, Libvncserver | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS.
|
|||||
| CVE-2018-20014 | 1 Urbackup | 1 Urbackup | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::GetFileHashAndMetadata NULL pointer dereference, leading to shutting down the client application.
|
|||||