Total
4853 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-40778 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2021-40774 | 2 Adobe, Microsoft | 2 Prelude, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Adobe Prelude version 10.1 (and earlier) is affected by a null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2021-40773 | 2 Adobe, Microsoft | 2 Prelude, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Adobe Prelude version 10.1 (and earlier) is affected by a null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2021-40768 | 3 Adobe, Apple, Microsoft | 3 Character Animator, Macos, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Adobe Character Animator version 4.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2021-40762 | 3 Adobe, Apple, Microsoft | 3 Character Animator, Macos, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Adobe Character Animator version 4.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2021-40761 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Adobe After Effects version 18.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2021-40756 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Adobe After Effects version 18.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2021-40750 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Adobe Bridge version 11.1.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2021-40742 | 3 Adobe, Apple, Microsoft | 3 Audition, Macos, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Adobe Audition version 14.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2021-40737 | 3 Adobe, Apple, Microsoft | 3 Audition, Macos, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Adobe Audition version 14.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2021-40576 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the gf_isom_get_payt_count function in hint_track.c, which allows attackers to cause a denial of service.
|
|||||
| CVE-2021-40575 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the mpgviddmx_process function in reframe_mpgvid.c, which allows attackers to cause a denial of service. This vulnerability is possibly due to an incomplete fix for CVE-2021-40566.
|
|||||
| CVE-2021-40565 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in av_parsers.c when using mp4box, which causes a denial of service.
|
|||||
| CVE-2021-40564 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service.
|
|||||
| CVE-2021-40563 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A Segmentation fault exists casued by null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config function in reframe_nalu.c when using mp4box, which causes a denial of service.
|
|||||
| CVE-2021-40559 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A null pointer deference vulnerability exists in gpac through 1.0.1 via the naludmx_parse_nal_avc function in reframe_nalu, which allows a denail of service.
|
|||||
| CVE-2021-40266 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | N/A | 6.5 MEDIUM |
|
FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerabile to null pointer dereference.
|
|||||
| CVE-2021-40264 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | N/A | 6.5 MEDIUM |
|
NULL pointer dereference vulnerability in FreeImage before 1.18.0 via the FreeImage_CloneTag function inFreeImageTag.cpp.
|
|||||
| CVE-2021-40039 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
|
|||||
| CVE-2021-40031 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
|
|||||
| CVE-2021-40018 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
|
|||||
| CVE-2021-3739 | 3 Fedoraproject, Linux, Netapp | 18 Fedora, Linux Kernel, H300e and 15 more | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest threat from this vulnerability is to system availability.
|
|||||
| CVE-2021-3671 | 3 Debian, Netapp, Samba | 5 Debian Linux, Management Services For Element Software, Management Services For Netapp Hci and 2 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.
|
|||||
| CVE-2021-3659 | 3 Fedoraproject, Linux, Redhat | 17 Fedora, Linux Kernel, Codeready Linux Builder and 14 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.
|
|||||
| CVE-2021-3596 | 4 Debian, Fedoraproject, Imagemagick and 1 more | 4 Debian Linux, Fedora, Imagemagick and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.
|
|||||
| CVE-2021-3543 | 3 Fedoraproject, Nitro Enclaves Project, Redhat | 3 Fedora, Nitro Enclaves, Enterprise Linux | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. A local user of a host machine could use this flaw to crash the system or escalate their privileges on the system.
|
|||||
| CVE-2021-3537 | 6 Debian, Fedoraproject, Netapp and 3 more | 20 Debian Linux, Fedora, Active Iq Unified Manager and 17 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
|
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.
|
|||||
| CVE-2021-3514 | 1 Redhat | 1 389 Directory Server | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash.
|
|||||
| CVE-2021-3480 | 2 Fedoraproject, Slapi-nis Project | 2 Fedora, Slapi-nis | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability.
|
|||||
| CVE-2021-3467 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.
|
|||||
| CVE-2021-3463 | 1 Lenovo | 125 Power Management Driver, Thinkpad 11e Gen 5, Thinkpad 11e Yoga Gen 6 and 122 more | 2024-11-21 | 4.9 MEDIUM | 4.2 MEDIUM |
|
A null pointer dereference vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could cause systems to experience a blue screen error.
|
|||||
| CVE-2021-3449 | 12 Checkpoint, Debian, Fedoraproject and 9 more | 167 Multi-domain Management, Multi-domain Management Firmware, Quantum Security Gateway and 164 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
|
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). O ...
Show More |
|||||
| CVE-2021-3443 | 3 Fedoraproject, Jasper Project, Redhat | 3 Fedora, Jasper, Enterprise Linux | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.
|
|||||
| CVE-2021-3322 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
Unexpected Pointer Aliasing in IEEE 802154 Fragment Reassembly in Zephyr. Zephyr versions >= >=2.4.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p86r-gc4r-4mq3
|
|||||
| CVE-2021-3320 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 5.0 MEDIUM | 5.9 MEDIUM |
|
Type Confusion in 802154 ACK Frames Handling. Zephyr versions >= v2.4.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-27r3-rxch-2hm7
|
|||||
| CVE-2021-3319 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 7.5 HIGH | 6.5 MEDIUM |
|
DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses. Zephyr versions >= > v2.4.0 contain NULL Pointer Dereference (CWE-476), Attempt to Access Child of a Non-structure Pointer (CWE-588). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94jg-2p6q-5364
|
|||||
| CVE-2021-3236 | 1 Vim | 1 Vim | 2024-11-21 | N/A | 5.5 MEDIUM |
|
vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method.
|
|||||
| CVE-2021-3119 | 1 Zetetic | 1 Sqlcipher | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipher_export in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the crafted SQL command sequence, which causes a segmentation fault.
|
|||||
| CVE-2021-39973 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down.
|
|||||
| CVE-2021-39928 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
|
|||||