Export limit exceeded: 344055 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (5298 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2516 | 1 Microsoft | 5 Windows 2000, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-09 | 7.1 High |
| The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly validate data sent from user mode, which allows local users to gain privileges via a crafted PE .exe file that triggers a NULL pointer dereference during chain traversal, aka "Windows Kernel NULL Pointer Dereference Vulnerability." | ||||
| CVE-2009-2703 | 2 Pidgin, Redhat | 3 Libpurple, Pidgin, Enterprise Linux | 2025-04-09 | N/A |
| libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string. | ||||
| CVE-2009-2732 | 1 Ntop | 1 Ntop | 2025-04-09 | N/A |
| The checkHTTPpassword function in http.c in ntop 3.3.10 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an Authorization HTTP header that lacks a : (colon) character in the base64-decoded string. | ||||
| CVE-2009-2767 | 1 Linux | 2 Kernel, Linux Kernel | 2025-04-09 | N/A |
| The init_posix_timers function in kernel/posix-timers.c in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (OOPS) or possibly gain privileges via a CLOCK_MONOTONIC_RAW clock_nanosleep call that triggers a NULL pointer dereference. | ||||
| CVE-2009-2768 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 7.8 High |
| The load_flat_shared_library function in fs/binfmt_flat.c in the flat subsystem in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by executing a shared flat binary, which triggers an access of an "uninitialized cred pointer." | ||||
| CVE-2009-3550 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2025-04-09 | N/A |
| The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-2698 | 6 Canonical, Fedoraproject, Linux and 3 more | 14 Ubuntu Linux, Fedora, Linux Kernel and 11 more | 2025-04-09 | 7.8 High |
| The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket. | ||||
| CVE-2009-3726 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-09 | N/A |
| The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state. | ||||
| CVE-2009-3623 | 1 Linux | 1 Linux Kernel | 2025-04-09 | N/A |
| The lookup_cb_cred function in fs/nfsd/nfs4callback.c in the nfsd4 subsystem in the Linux kernel before 2.6.31.2 attempts to access a credentials cache even when a client specifies the AUTH_NULL authentication flavor, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an NFSv4 mount request. | ||||
| CVE-2009-3620 | 6 Canonical, Fedoraproject, Linux and 3 more | 11 Ubuntu Linux, Fedora, Linux Kernel and 8 more | 2025-04-09 | 7.8 High |
| The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls. | ||||
| CVE-2009-2908 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-09 | N/A |
| The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount. | ||||
| CVE-2009-2849 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-09 | N/A |
| The md driver (drivers/md/md.c) in the Linux kernel before 2.6.30.2 might allow local users to cause a denial of service (NULL pointer dereference) via vectors related to "suspend_* sysfs attributes" and the (1) suspend_lo_store or (2) suspend_hi_store functions. NOTE: this is only a vulnerability when sysfs is writable by an attacker. | ||||
| CVE-2009-1387 | 3 Canonical, Openssl, Redhat | 4 Ubuntu Linux, Openssl, Enterprise Linux and 1 more | 2025-04-09 | N/A |
| The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug." | ||||
| CVE-2009-1386 | 3 Canonical, Openssl, Redhat | 4 Ubuntu Linux, Openssl, Enterprise Linux and 1 more | 2025-04-09 | N/A |
| ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello. | ||||
| CVE-2008-3832 | 2 Linux, Redhat | 2 Linux Kernel, Fedora | 2025-04-09 | N/A |
| A certain Fedora patch for the utrace subsystem in the Linux kernel before 2.6.26.5-28 on Fedora 8, and before 2.6.26.5-45 on Fedora 9, allows local users to cause a denial of service (NULL pointer dereference and system crash or hang) via a call to the utrace_control function. | ||||
| CVE-2007-0887 | 1 Gecad Technologies | 1 Axigen Mail Server | 2025-04-09 | N/A |
| axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a base64-encoded "*\x00" sequence on the imap port (143/tcp). | ||||
| CVE-2007-0039 | 1 Microsoft | 1 Exchange Server | 2025-04-09 | N/A |
| The Exchange Collaboration Data Objects (EXCDO) functionality in Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 allows remote attackers to cause a denial of service (crash) via an Internet Calendar (iCal) file containing multiple X-MICROSOFT-CDO-MODPROPS (MODPROPS) properties in which the second MODPROPS is longer than the first, which triggers a NULL pointer dereference and an unhandled exception. | ||||
| CVE-2006-6565 | 1 Filezilla-project | 1 Filezilla Server | 2025-04-09 | N/A |
| FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a wildcard argument to the (1) LIST or (2) NLST commands, which results in a NULL pointer dereference, a different set of vectors than CVE-2006-6564. NOTE: CVE analysis suggests that the problem might be due to a malformed PORT command. | ||||
| CVE-2006-4343 | 4 Canonical, Debian, Openssl and 1 more | 5 Ubuntu Linux, Debian Linux, Openssl and 2 more | 2025-04-09 | N/A |
| The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. | ||||
| CVE-2009-3547 | 8 Canonical, Fedoraproject, Linux and 5 more | 17 Ubuntu Linux, Fedora, Linux Kernel and 14 more | 2025-04-09 | 7.0 High |
| Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. | ||||