Total
4853 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-18937 | 1 Mz-automation | 1 Libiec61850 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c.
|
|||||
| CVE-2018-18883 | 1 Xen | 1 Xen | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
|
An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service (NULL pointer dereference) or possibly have unspecified other impact because nested VT-x is not properly restricted.
|
|||||
| CVE-2018-18873 | 4 Canonical, Debian, Jasper Project and 1 more | 5 Ubuntu Linux, Debian Linux, Jasper and 2 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c.
|
|||||
| CVE-2018-18829 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
There exists a NULL pointer dereference in ff_vc1_parse_frame_header_adv in vc1.c in Libav 12.3, which allows attackers to cause a denial-of-service through a crafted aac file.
|
|||||
| CVE-2018-18661 | 2 Canonical, Libtiff | 2 Ubuntu Linux, Libtiff | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.
|
|||||
| CVE-2018-18607 | 3 Debian, Gnu, Netapp | 3 Debian Linux, Binutils, Data Ontap | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.
|
|||||
| CVE-2018-18606 | 3 Debian, Gnu, Netapp | 3 Debian Linux, Binutils, Data Ontap | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.
|
|||||
| CVE-2018-18585 | 6 Canonical, Debian, Kyzer and 3 more | 8 Ubuntu Linux, Debian Linux, Libmspack and 5 more | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
|
chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).
|
|||||
| CVE-2018-18513 | 1 Mozilla | 1 Thunderbird | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service (DOS) attack because Thunderbird reopens the last seen message on restart, triggering the crash again. This vulnerability affects Thunderbird < 60.5.
|
|||||
| CVE-2018-18508 | 2 Mozilla, Siemens | 17 Network Security Services, Ruggedcom Rox Mx5000, Ruggedcom Rox Mx5000 Firmware and 14 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service.
|
|||||
| CVE-2018-18459 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
|
|||||
| CVE-2018-18458 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
|
|||||
| CVE-2018-18457 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
|
|||||
| CVE-2018-18329 | 1 Trendmicro | 3 Antivirus For Mac 2017, Antivirus For Mac 2018, Antivirus For Mac 2019 | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation function on 0x6F4E offset user-supplied buffer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
|
|||||
| CVE-2018-18328 | 1 Trendmicro | 3 Antivirus For Mac 2017, Antivirus For Mac 2018, Antivirus For Mac 2019 | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation function on 0x6F6A offset user-supplied buffer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
|
|||||
| CVE-2018-18327 | 1 Trendmicro | 3 Antivirus For Mac 2017, Antivirus For Mac 2018, Antivirus For Mac 2019 | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation function on 0x6eDC offset user-supplied buffer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
|
|||||
| CVE-2018-18318 | 1 Qiku | 2 360 Mobile Phone N6 Pro, 360 Mobile Phone N6 Pro Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
The /dev/block/mmcblk0rpmb driver kernel module on Qiku 360 Phone N6 Pro 1801-A01 devices allows attackers to cause a denial of service (NULL pointer dereference and device crash) via a crafted 0xc0d8b300 ioctl call.
|
|||||
| CVE-2018-18227 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.
|
|||||
| CVE-2018-18192 | 1 Linuxsampler | 1 Libgig | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in libgig 4.1.0. There is a NULL pointer dereference in the function DLS::File::GetFirstSample() in DLS.cpp.
|
|||||
| CVE-2018-18088 | 2 Debian, Uclouvain | 2 Debian Linux, Openjpeg | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c
|
|||||
| CVE-2018-18065 | 5 Canonical, Debian, Net-snmp and 2 more | 10 Ubuntu Linux, Debian Linux, Net-snmp and 7 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
|
|||||
| CVE-2018-17893 | 1 Lcds | 1 Laquis Scada | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
LAquis SCADA Versions 4.1.0.3870 and prior has an untrusted pointer dereference vulnerability, which may allow remote code execution.
|
|||||
| CVE-2018-17794 | 1 Gnu | 1 Binutils | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function.
|
|||||
| CVE-2018-17432 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file.
|
|||||
| CVE-2018-17419 | 1 Dns Library Project | 1 Dns Library | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in setTA in scan_rr.go in the Miek Gieben DNS library before 1.0.10 for Go. A dns.ParseZone() parsing error causes a segmentation violation, leading to denial of service.
|
|||||
| CVE-2018-17293 | 1 Webassembly Virtual Machine Project | 1 Webassembly Virtual Machine | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue was discovered in WAVM before 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input WebAssembly file's main function, which allows attackers to cause a denial of service (application crash by NULL pointer dereference) or possibly have unspecified other impact by crafting certain WebAssembly files.
|
|||||
| CVE-2018-17282 | 1 Exiv2 | 1 Exiv2 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference.
|
|||||
| CVE-2018-17154 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
In FreeBSD before 11.2-STABLE(r338987), 11.2-RELEASE-p4, and 11.1-RELEASE-p15, due to insufficient memory checking in the freebsd4_getfsstat system call, a NULL pointer dereference can occur. Unprivileged authenticated local users may be able to cause a denial of service.
|
|||||
| CVE-2018-17142 | 2 Fedoraproject, Golang | 2 Fedora, Net | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <math><template><mo><template>, leading to a "panic: runtime error" in parseCurrentToken in parse.go during an html.Parse call.
|
|||||
| CVE-2018-17127 | 1 Asus | 2 Gt-ac5300, Gt-ac5300 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
blocking_request.cgi on ASUS GT-AC5300 devices through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (NULL pointer dereference and device crash) via a request that lacks a timestap parameter.
|
|||||
| CVE-2018-17075 | 2 Fedoraproject, Golang | 2 Fedora, Net | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of <template><object>, <template><applet>, or <template><marquee>. This is related to HTMLTreeBuilder.cpp in WebKit.
|
|||||
| CVE-2018-17073 | 1 Bitmap Project | 1 Bitmap | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
wernsey/bitmap before 2018-08-18 allows a NULL pointer dereference via a 4-bit image.
|
|||||
| CVE-2018-17000 | 3 Canonical, Debian, Libtiff | 3 Ubuntu Linux, Debian Linux, Libtiff | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp.
|
|||||
| CVE-2018-16871 | 3 Linux, Netapp, Redhat | 28 Linux Kernel, Cloud Backup, H300e and 25 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.
|
|||||
| CVE-2018-16852 | 1 Samba | 1 Samba | 2024-11-21 | 3.5 LOW | 6.5 MEDIUM |
|
Samba from version 4.9.0 and before version 4.9.3 is vulnerable to a NULL pointer de-reference. During the processing of an DNS zone in the DNS management DCE/RPC server, the internal DNS server or the Samba DLZ plugin for BIND9, if the DSPROPERTY_ZONE_MASTER_SERVERS property or DSPROPERTY_ZONE_SCAVENGING_SERVERS property is set, the server will follow a NULL pointer and terminate. There is no further vulnerability associated with this issue, merely a denial of service.
|
|||||
| CVE-2018-16851 | 3 Canonical, Debian, Samba | 3 Ubuntu Linux, Debian Linux, Samba | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB. When this size is reached, the Samba process providing the LDAP service will follow the NULL pointer, terminating the process. There is no further vulnerability associated with this issue, merely a denial of service.
|
|||||
| CVE-2018-16749 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file.
|
|||||
| CVE-2018-16657 | 2 Debian, Kamailio | 2 Debian Linux, Kamailio | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with an invalid Via header causes a segmentation fault and crashes Kamailio. The reason is missing input validation in the crcitt_string_array core function for calculating a CRC hash for To tags. (An additional error is present in the check_via_address core function: this function also misses input validation.) This could result in denial of service and potentially the execution of arbitrary code.
|
|||||
| CVE-2018-16517 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file.
|
|||||
| CVE-2018-16428 | 2 Canonical, Gnome | 2 Ubuntu Linux, Glib | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.
|
|||||