CWE:
 

Topic
Date
Author
Med.
Linux Kernel Keyctl Null Pointer Dereference
16.11.2016
Multiple
Med.
Samsung SystemUI fimg2d Null Pointer Dereference
09.09.2016
Cheetah Mobile
Low
Linux wacom Multiple Null Pointer Dereferences
10.03.2016
Sergej Schumilo, Hendr...
Low
Linux visor (treo_attach) Null Pointer Dereference
10.03.2016
Sergej Schumilo, Hendr...
Low
Linux visor clie_5_attach Null Pointer Dereference
10.03.2016
Sergej Schumilo, Hendr...
Low
Linux aiptek Null Pointer Dereference
10.03.2016
Sergej Schumilo, Hendr...
Low
Linux cdc_acm Null Pointer Dereference
10.03.2016
Sergej Schumilo, Hendr...
Low
Linux digi_acceleport Null Pointer Dereference
10.03.2016
Sergej Schumilo, Hendr...
Low
Linux mct_u232 Null Pointer Dereference
10.03.2016
Sergej Schumilo, Hendr...
Low
Linux cypress_m8 Null Pointer Dereference
10.03.2016
Sergej Schumilo, Hendr...
Low
Apache Http Server 2.2.29 / 2.4.12 NULL Pointer Dereference
18.04.2015
Nicholas Lemonias
Med.
OS X 10.10 IOKit IntelAccelerator NULL Pointer Dereference
22.01.2015
Google Security Resear...
Med.
K7 Computing Multiple Products Null Pointer Dereference
11.12.2014
Kyriakos Economou
Med.
Windows TrackPopupMenu Win32k NULL Pointer Dereference
28.10.2014
Spencer McIntyre
Med.
Linux 3.10 libceph Null Pointer Dereference
10.07.2013
Chanam Park
Low
DartWebserver.dll 1.9.2 Null Pointer Dereference
09.04.2013
Anonymous
Med.
Corel Quattro Pro X6 Standard Edition NULL Pointer Dereference
08.03.2013
High-Tech Bridge Secur...
Med.
Firefly MediaServer Multiple Remote DoS Vulnerabilities
20.12.2012
High-Tech Bridge Secur...
High
Samsung Kies 2.3.2.12054_20 NULL Pointer Dereference and bypass
16.10.2012
High-Tech Bridge Secur...


CVEMAP Search Results

CVE
Details
Description
2018-07-05
Low
CVE-2018-13301

Vendor: Ffmpeg
Software: Ffmpeg
 

 
In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service.

 
Low
CVE-2018-13303

Vendor: Ffmpeg
Software: Ffmpeg
 

 
In FFmpeg 4.0.1, a missing check for failure of a call to init_get_bits8() in the avpriv_ac3_parse_header function in libavcodec/ac3_parser.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service.

 
2018-06-22
Low
CVE-2018-12648

Vendor: Exempi project
Software: Exempi
 

 
The WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a NULL pointer dereference.

 
2018-06-21
Medium
CVE-2018-0305

Vendor: Cisco
Software: Firepower 90...
 

 
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to force a NULL pointer dereference and cause a DoS condition. This vulnerability affects the following if configured to use Cisco Fabric Services: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69966, CSCve02435, CSCve04859, CSCve41590, CSCve41593, CSCve41601.

 
2018-06-19
Medium
CVE-2018-10945

Vendor: Cesanta
Software: Mongoose
 

 
The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash, or NULL pointer dereference) via an HTTP request, related to the mbuf_insert function.

 
2018-06-15
Low
CVE-2018-12460

Vendor: Ffmpeg
Software: Ffmpeg
 

 
libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the studio profile is incorrectly detected while converting a crafted AVI file to MPEG4, leading to a denial of service, related to idctdsp.c and mpegvideo.c.

 
2018-06-12
Medium
CVE-2018-12247

Vendor: Mruby
Software: Mruby
 

 
An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class, related to certain .clone usage, because mrb_obj_clone in kernel.c copies flags other than the MRB_FLAG_IS_FROZEN flag (e.g., the embedded flag).

 
Medium
CVE-2018-12249

Vendor: Mruby
Software: Mruby
 

 
An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class_real because "class BasicObject" is not properly supported in class.c.

 
2018-06-11
Medium
CVE-2017-5416

Vendor: Mozilla
Software: Firefox
 

 
In certain circumstances a networking event listener can be prematurely released. This appears to result in a null dereference in practice. This vulnerability affects Firefox < 52 and Thunderbird < 52.

 
Low
CVE-2018-12102

Vendor: Md4c project
Software: MD4C
 

 
md4c 0.2.6 has a NULL pointer dereference in the function md_process_line in md4c.c, related to ctx->current_block.

 

 


Copyright 2018, cxsecurity.com

 

Back to Top