Total
4853 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-1516 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system.
|
|||||
| CVE-2022-1507 | 2 Chafa Project, Fedoraproject | 2 Chafa, Fedora | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. in GitHub repository hpjansson/chafa prior to 1.10.2. chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file.
|
|||||
| CVE-2022-1382 | 1 Radare | 1 Radare2 | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
|
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the availability of the system.
|
|||||
| CVE-2022-1341 | 1 Bwm-ng Project | 1 Bwm-ng | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in in bwm-ng v0.6.2. An arbitrary null write exists in get_cmdln_options() function in src/options.c.
|
|||||
| CVE-2022-1283 | 1 Radare | 1 Radare2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash).
|
|||||
| CVE-2022-1263 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.
|
|||||
| CVE-2022-1249 | 1 Pesign Project | 1 Pesign | 2024-11-21 | 2.1 LOW | 3.3 LOW |
|
A NULL pointer dereference flaw was found in pesign's cms_set_pw_data() function of the cms_common.c file. The function fails to handle the NULL pwdata invocation from daemon.c, which leads to an explicit NULL dereference and crash on all attempts to daemonize pesign.
|
|||||
| CVE-2022-1205 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 4.7 MEDIUM |
|
A NULL pointer dereference flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.
|
|||||
| CVE-2022-1201 | 1 Mruby | 1 Mruby | 2024-11-21 | 4.9 MEDIUM | 6.5 MEDIUM |
|
NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system.
|
|||||
| CVE-2022-1172 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.0 MEDIUM |
|
Null Pointer Dereference Caused Segmentation Fault in GitHub repository gpac/gpac prior to 2.1.0-DEV.
|
|||||
| CVE-2022-1130 | 1 Google | 2 Android, Chrome | 2024-11-21 | N/A | 8.1 HIGH |
|
Insufficient validation of trust input in WebOTP in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to send arbitrary intents from any app via a malicious app.
|
|||||
| CVE-2022-1035 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Segmentation Fault caused by MP4Box -lsr in GitHub repository gpac/gpac prior to 2.1.0-DEV.
|
|||||
| CVE-2022-0908 | 4 Debian, Fedoraproject, Libtiff and 1 more | 4 Debian Linux, Fedora, Libtiff and 1 more | 2024-11-21 | 4.3 MEDIUM | 7.7 HIGH |
|
Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.
|
|||||
| CVE-2022-0890 | 1 Mruby | 1 Mruby | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
|
NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2.
|
|||||
| CVE-2022-0712 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
|
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4.
|
|||||
| CVE-2022-0696 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.
|
|||||
| CVE-2022-0632 | 1 Mruby | 1 Mruby | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
NULL Pointer Dereference in Homebrew mruby prior to 3.2.
|
|||||
| CVE-2022-0617 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.
|
|||||
| CVE-2022-0562 | 4 Debian, Fedoraproject, Libtiff and 1 more | 4 Debian Linux, Fedora, Libtiff and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c.
|
|||||
| CVE-2022-0561 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712.
|
|||||
| CVE-2022-0481 | 1 Mruby | 1 Mruby | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
NULL Pointer Dereference in Homebrew mruby prior to 3.2.
|
|||||
| CVE-2022-0433 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the map_get_next_key function of the BPF bloom filter. This flaw allows a local user to crash the system. This flaw affects Linux kernel versions prior to 5.17-rc1.
|
|||||
| CVE-2022-0419 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0.
|
|||||
| CVE-2022-0326 | 1 Mruby | 1 Mruby | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
NULL Pointer Dereference in Homebrew mruby prior to 3.2.
|
|||||
| CVE-2022-0286 | 2 Linux, Oracle | 4 Linux Kernel, Communications Cloud Native Core Binding Support Function, Communications Cloud Native Core Network Exposure Function and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service.
|
|||||
| CVE-2022-0240 | 1 Mruby | 1 Mruby | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
mruby is vulnerable to NULL Pointer Dereference
|
|||||
| CVE-2022-0168 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system.
|
|||||
| CVE-2021-4217 | 3 Fedoraproject, Redhat, Unzip Project | 3 Fedora, Enterprise Linux, Unzip | 2024-11-21 | N/A | 3.3 LOW |
|
A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
|
|||||
| CVE-2021-4209 | 3 Gnu, Netapp, Redhat | 6 Gnutls, Active Iq Unified Manager, Hci Bootstrap Os and 3 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.
|
|||||
| CVE-2021-4198 | 1 Bitdefender | 5 Antivirus Plus, Endpoint Security Tools, Internet Security and 2 more | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
|
A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Endpoint Security T ...
Show More |
|||||
| CVE-2021-4188 | 1 Mruby | 1 Mruby | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
mruby is vulnerable to NULL Pointer Dereference
|
|||||
| CVE-2021-4158 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2024-11-21 | N/A | 6.0 MEDIUM |
|
A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.
|
|||||
| CVE-2021-4145 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2024-11-21 | 4.9 MEDIUM | 6.5 MEDIUM |
|
A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0. The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host when writing data reaches the threshold of mirroring node.
|
|||||
| CVE-2021-4110 | 1 Mruby | 1 Mruby | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
mruby is vulnerable to NULL Pointer Dereference
|
|||||
| CVE-2021-4095 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2024-11-21 | 1.9 LOW | 5.5 MEDIUM |
|
A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This flaw affects Linux kernel versions prior to 5.17-rc1.
|
|||||
| CVE-2021-4043 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 1.1.0.
|
|||||
| CVE-2021-47619 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
i40e: Fix queues reservation for XDP
When XDP was configured on a system with large number of CPUs
and X722 NIC there was a call trace with NULL pointer dereference.
i40e 0000:87:00.0: failed to get tracking for 256 queues for VSI 0 err -12
i40e 0000:87:00.0: setup of MAIN VSI failed
BUG: kernel NULL pointer dereference, address: 0000000000000000
RIP: 0010:i40e_xdp+0xea/0x1b0 [i40e]
Call Trace:
? i40e_reconfig_rss_queues+0x1 ...
Show More |
|||||
| CVE-2021-47612 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
nfc: fix segfault in nfc_genl_dump_devices_done
When kmalloc in nfc_genl_dump_devices() fails then
nfc_genl_dump_devices_done() segfaults as below
KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
CPU: 0 PID: 25 Comm: kworker/0:1 Not tainted 5.16.0-rc4-01180-g2a987e65025e-dirty #5
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-6.fc35 04/01/2014
Workqueue: events netlink_sock_destruct_w ...
Show More |
|||||
| CVE-2021-47610 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
drm/msm: Fix null ptr access msm_ioctl_gem_submit()
Fix the below null pointer dereference in msm_ioctl_gem_submit():
26545.260705: Call trace:
26545.263223: kref_put+0x1c/0x60
26545.266452: msm_ioctl_gem_submit+0x254/0x744
26545.270937: drm_ioctl_kernel+0xa8/0x124
26545.274976: drm_ioctl+0x21c/0x33c
26545.278478: drm_compat_ioctl+0xdc/0xf0
26545.282428: __arm64_compat_sys_ioctl+0xc8/0x100
26545.28 ...
Show More |
|||||
| CVE-2021-47601 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
tee: amdtee: fix an IS_ERR() vs NULL bug
The __get_free_pages() function does not return error pointers it returns
NULL so fix this condition to avoid a NULL dereference.
|
|||||