Total
4853 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22471 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.
|
|||||
| CVE-2021-22462 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause kernel crash.
|
|||||
| CVE-2021-22459 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause System functions which are unavailable.
|
|||||
| CVE-2021-22318 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
A component of the HarmonyOS 2.0 has a Null Pointer Dereference Vulnerability. Local attackers may exploit this vulnerability to cause system denial of service.
|
|||||
| CVE-2021-21702 | 4 Debian, Netapp, Oracle and 1 more | 4 Debian Linux, Clustered Data Ontap, Communications Diameter Signaling Router and 1 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer and thus cause a crash.
|
|||||
| CVE-2021-21057 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 4.3 MEDIUM | 6.6 MEDIUM |
|
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a null pointer dereference vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve denial of service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2021-20596 | 1 Mitsubishielectric | 3 Fx3u-enet-l Firmware, Fx3u-enet-p502 Firmware, Fx3u-enet Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
NULL Pointer Dereference in MELSEC-F Series FX3U-ENET firmware version 1.14 and prior, FX3U-ENET-L firmware version 1.14 and prior and FX3U-ENET-P502 firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a DoS condition in communication by sending specially crafted packets. Control by MELSEC-F series PLC is not affected and system reset is required for recovery.
|
|||||
| CVE-2021-20299 | 2 Debian, Openexr | 2 Debian Linux, Openexr | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
|
A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability.
|
|||||
| CVE-2021-20296 | 2 Debian, Openexr | 2 Debian Linux, Openexr | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A flaw was found in OpenEXR in versions before 3.0.0-beta. A crafted input file supplied by an attacker, that is processed by the Dwa decompression functionality of OpenEXR's IlmImf library, could cause a NULL pointer dereference. The highest threat from this vulnerability is to system availability.
|
|||||
| CVE-2021-20274 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A flaw was found in privoxy before 3.0.32. A crash may occur due a NULL-pointer dereference when the socks server misbehaves.
|
|||||
| CVE-2021-20213 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
|
A flaw was found in Privoxy in versions before 3.0.29. Dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destination from the Host header and a memory allocation failed.
|
|||||
| CVE-2021-20196 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
|
A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
|
|||||
| CVE-2021-1946 | 1 Qualcomm | 196 Apq8017, Apq8017 Firmware, Apq8053 and 193 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Null Pointer Dereference may occur due to improper validation while processing crafted SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
|
|||||
| CVE-2021-1939 | 1 Qualcomm | 216 Apq8009, Apq8009 Firmware, Apq8009w and 213 more | 2024-11-21 | 4.9 MEDIUM | 8.4 HIGH |
|
Null pointer dereference occurs due to improper validation when the preemption feature enablement is toggled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
|
|||||
| CVE-2021-1936 | 1 Qualcomm | 244 Apq8009w, Apq8009w Firmware, Apq8017 and 241 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Null pointer dereference can occur due to lack of null check for user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
|
|||||
| CVE-2021-1935 | 1 Qualcomm | 352 Apq8009, Apq8009 Firmware, Apq8017 and 349 more | 2024-11-21 | 4.9 MEDIUM | 7.1 HIGH |
|
Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
|
|||||
| CVE-2021-1917 | 1 Qualcomm | 168 Apq8017, Apq8017 Firmware, Apq8053 and 165 more | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
|
Null pointer dereference can occur due to memory allocation failure in DIAG in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables
|
|||||
| CVE-2021-1274 | 1 Cisco | 13 Catalyst Sd-wan Manager, Ios Xe Sd-wan, Sd-wan Firmware and 10 more | 2024-11-21 | 7.8 HIGH | 8.6 HIGH |
|
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
|
|||||
| CVE-2021-1122 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service.
|
|||||
| CVE-2021-1116 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.
|
|||||
| CVE-2021-1115 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
|
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs, where an attacker with local unprivileged system access may cause a NULL pointer dereference, which may lead to denial of service in a component beyond the vulnerable component.
|
|||||
| CVE-2021-1112 | 1 Nvidia | 8 Jetson Agx Xavier, Jetson Linux, Jetson Nano and 5 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where a null pointer dereference may lead to complete denial of service.
|
|||||
| CVE-2021-1103 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).
|
|||||
| CVE-2021-1101 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).
|
|||||
| CVE-2021-1096 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
NVIDIA Windows GPU Display Driver for Windows contains a vulnerability in the NVIDIA kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where dereferencing a NULL pointer may lead to a system crash.
|
|||||
| CVE-2021-1095 | 2 Debian, Nvidia | 2 Debian Linux, Gpu Display Driver | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted pointer may lead to denial of service.
|
|||||
| CVE-2021-1078 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel driver (nvlddmkm.sys) where a NULL pointer dereference may lead to system crash.
|
|||||
| CVE-2021-1075 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 5.6 MEDIUM | 7.3 HIGH |
|
NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the program dereferences a pointer that contains a location for memory that is no longer valid, which may lead to code execution, denial of service, or escalation of privileges. Attacker does not have any control over the information and may conduct limited data modification.
|
|||||
| CVE-2021-1069 | 2 Google, Nvidia | 9 Android, Jetson Agx Xavier, Jetson Nano and 6 more | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
|
NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVHost function, which may lead to abnormal reboot due to a null pointer reference, causing data loss.
|
|||||
| CVE-2021-1064 | 5 Citrix, Nutanix, Nvidia and 2 more | 5 Hypervisor, Ahv, Virtual Gpu Manager and 2 more | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which it obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).
|
|||||
| CVE-2021-1022 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In btif_in_hf_client_generic_evt of btif_hf_client.cc, there is a possible Bluetooth service crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-180420059
|
|||||
| CVE-2021-0555 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In RenderStruct of protostream_objectsource.cc, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-179161711
|
|||||
| CVE-2021-0251 | 1 Juniper | 17 Junos, Mx10, Mx10003 and 14 more | 2024-11-21 | 5.0 MEDIUM | 8.6 HIGH |
|
A NULL Pointer Dereference vulnerability in the Captive Portal Content Delivery (CPCD) services daemon (cpcd) of Juniper Networks Junos OS on MX Series with MS-PIC, MS-SPC3, MS-MIC or MS-MPC allows an attacker to send malformed HTTP packets to the device thereby causing a Denial of Service (DoS), crashing the Multiservices PIC Management Daemon (mspmand) process thereby denying users the ability to login, while concurrently impacting other mspmand services and traffic through the device. Continu ...
Show More |
|||||
| CVE-2021-0206 | 1 Juniper | 17 Junos, Nfx150, Nfx250 and 14 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to send a specific packet causing the packet forwarding engine (PFE) to crash and restart, resulting in a Denial of Service (DoS). By continuously sending these specific packets, an attacker can repeatedly disable the PFE causing a sustained Denial of Service (DoS). This issue only affects Juniper Networks NFX Series, SRX Series platforms when SSL Proxy is configured. This issue affects Juniper Networks Juno ...
Show More |
|||||
| CVE-2020-9746 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Macos, Chrome Os and 4 more | 2024-11-21 | 9.3 HIGH | 7.0 HIGH |
|
Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Exploitation of this issue requires an attacker to insert malicious strings in an HTTP response that is by default delivered over TLS/SSL.
|
|||||
| CVE-2020-9610 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a null pointer vulnerability. Successful exploitation could lead to application denial-of-service.
|
|||||
| CVE-2020-9545 | 1 Palemoon | 1 Pale Moon | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Pale Moon 28.x before 28.8.4 has a segmentation fault related to module scripting, as demonstrated by a Lacoste web site.
|
|||||
| CVE-2020-9453 | 1 Epson | 1 Iprojection | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402406 and IOCtl 0x9C40240A. (0x9C402402 has only a NULL pointer dereference.) This affects \Device\EMPMPAUIO and \DosDevices\EMPMPAU.
|
|||||
| CVE-2020-9429 | 2 Opensuse, Wireshark | 2 Leap, Wireshark | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value.
|
|||||
| CVE-2020-9385 | 1 Zint | 1 Zint | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A NULL Pointer Dereference exists in libzint in Zint 2.7.1 because multiple + characters are mishandled in add_on in upcean.c, when called from eanx in upcean.c during EAN barcode generation.
|
|||||