CWE:
 

Topic
Date
Author
Med.
Linux Kernel Keyctl Null Pointer Dereference
16.11.2016
Multiple
Med.
Samsung SystemUI fimg2d Null Pointer Dereference
09.09.2016
Cheetah Mobile
Low
Linux wacom Multiple Null Pointer Dereferences
10.03.2016
Sergej Schumilo, Hendr...
Low
Linux visor (treo_attach) Null Pointer Dereference
10.03.2016
Sergej Schumilo, Hendr...
Low
Linux visor clie_5_attach Null Pointer Dereference
10.03.2016
Sergej Schumilo, Hendr...
Low
Linux aiptek Null Pointer Dereference
10.03.2016
Sergej Schumilo, Hendr...
Low
Linux cdc_acm Null Pointer Dereference
10.03.2016
Sergej Schumilo, Hendr...
Low
Linux digi_acceleport Null Pointer Dereference
10.03.2016
Sergej Schumilo, Hendr...
Low
Linux mct_u232 Null Pointer Dereference
10.03.2016
Sergej Schumilo, Hendr...
Low
Linux cypress_m8 Null Pointer Dereference
10.03.2016
Sergej Schumilo, Hendr...
Low
Apache Http Server 2.2.29 / 2.4.12 NULL Pointer Dereference
18.04.2015
Nicholas Lemonias
Med.
OS X 10.10 IOKit IntelAccelerator NULL Pointer Dereference
22.01.2015
Google Security Resear...
Med.
K7 Computing Multiple Products Null Pointer Dereference
11.12.2014
Kyriakos Economou
Med.
Windows TrackPopupMenu Win32k NULL Pointer Dereference
28.10.2014
Spencer McIntyre
Med.
Linux 3.10 libceph Null Pointer Dereference
10.07.2013
Chanam Park
Low
DartWebserver.dll 1.9.2 Null Pointer Dereference
09.04.2013
Anonymous
Med.
Corel Quattro Pro X6 Standard Edition NULL Pointer Dereference
08.03.2013
High-Tech Bridge Secur...
Med.
Firefly MediaServer Multiple Remote DoS Vulnerabilities
20.12.2012
High-Tech Bridge Secur...
High
Samsung Kies 2.3.2.12054_20 NULL Pointer Dereference and bypass
16.10.2012
High-Tech Bridge Secur...


CVEMAP Search Results

CVE
Details
Description
2018-03-30
Medium
CVE-2018-9151

Vendor: Kingsoft
Software: Internet sec...
 

 
A NULL pointer dereference bug in the function ObReferenceObjectByHandle in the Kingsoft Internet Security 9+ kernel driver KWatch3.sys allows local non-privileged users to crash the system via IOCTL 0x80030030.

 
Low
CVE-2018-9132

Vendor: Libming
Software: Libming
 

 
libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.

 
2018-03-26
Low
CVE-2017-18253

Vendor: Imagemagick
Software: Imagemagick
 

 
An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LoadOpenCLDevices in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file.

 
Low
CVE-2017-18250

Vendor: Imagemagick
Software: Imagemagick
 

 
An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file.

 
Low
CVE-2018-1302

Vendor: Apache
Software: Http server
 

 
When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurations, the reporter and the team could not reproduce it outside debug builds, so it is classified as low risk.

 
2018-03-23
Low
CVE-2017-18247

Vendor: Libav
Software: Libav
 

 
The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file.

 
2018-03-21
Medium
CVE-2017-18241

Vendor: Linux
Software: Linux kernel
 

 
fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.

 
Medium
CVE-2018-7515

Vendor: Omron
Software: Cx-supervisor
 

 
In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities can be exploited when CX Supervisor indirectly calls an initialized pointer when parsing malformed packets.

 
Medium
CVE-2018-7525

Vendor: Omron
Software: Cx-supervisor
 

 
In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed packet by a certain executable may cause an untrusted pointer dereference vulnerability.

 
2018-03-19
Medium
CVE-2018-7262

Vendor: CEPH
Software: CEPH
 

 
In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc RGWCivetWeb::init_env function in radosgw doesn't handle malformed HTTP headers properly, allowing for denial of service.

 

 


Copyright 2018, cxsecurity.com

 

Back to Top