Search Results (5723 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-8825 1 Libetpan Project 1 Libetpan 2025-04-20 N/A
A null dereference vulnerability has been found in the MIME handling component of LibEtPan before 1.8, as used in MailCore and MailCore 2. A crash can occur in low-level/imf/mailimf.c during a failed parse of a Cc header containing multiple e-mail addresses.
CVE-2017-9229 4 Oniguruma Project, Php, Redhat and 1 more 4 Oniguruma, Php, Rhel Software Collections and 1 more 2025-04-20 7.5 High
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_range() could result in an invalid pointer dereference, normally as an immediate denial-of-service condition.
CVE-2017-9631 1 Schneider-electric 1 Wonderware Archestra Logger 2025-04-20 7.5 High
A Null Pointer Dereference issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The null pointer dereference vulnerability could allow an attacker to crash the logger process, causing a denial of service for logging and log-viewing (applications that use the Wonderware ArchestrA Logger continue to run when the Wonderware ArchestrA Logger service is unavailable).
CVE-2017-6846 1 Podofo Project 1 Podofo 2025-04-20 N/A
The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace function in graphicsstack.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-6848 1 Podofo Project 1 Podofo 2025-04-20 N/A
The PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2016-9813 2 Gstreamer, Redhat 2 Gstreamer, Enterprise Linux 2025-04-20 N/A
The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
CVE-2016-5029 1 Libdwarf Project 1 Libdwarf 2025-04-20 6.5 Medium
The create_fullest_file_path function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted dwarf file.
CVE-2017-12192 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2025-04-20 N/A
The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of service (OOPS and system crash) via a crafted KEYCTL_READ operation.
CVE-2017-5023 2 Google, Redhat 2 Chrome, Rhel Extras 2025-04-20 N/A
Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page.
CVE-2014-3164 1 Google 1 Android 2025-04-20 N/A
cmds/servicemanager/service_manager.c in Android before commit 7d42a3c31ba78a418f9bdde0e0ab951469f321b5 allows attackers to cause a denial of service (NULL pointer dereference, or out-of-bounds write) via vectors related to binder passed lengths.
CVE-2015-7977 9 Canonical, Debian, Fedoraproject and 6 more 13 Ubuntu Linux, Debian Linux, Fedora and 10 more 2025-04-20 5.9 Medium
ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.
CVE-2016-10189 1 Bitlbee 2 Bitlbee, Bitlbee-libpurple 2025-04-20 N/A
BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list.
CVE-2017-1000050 4 Canonical, Fedoraproject, Jasper Project and 1 more 7 Ubuntu Linux, Fedora, Jasper and 4 more 2025-04-20 7.5 High
JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service.
CVE-2017-5970 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2025-04-20 N/A
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
CVE-2015-5195 5 Canonical, Debian, Fedoraproject and 2 more 9 Ubuntu Linux, Debian Linux, Fedora and 6 more 2025-04-20 N/A
ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.
CVE-2016-2318 4 Debian, Graphicsmagick, Opensuse and 1 more 7 Debian Linux, Graphicsmagick, Leap and 4 more 2025-04-20 N/A
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.
CVE-2017-15721 2 Debian, Irssi 2 Debian Linux, Irssi 2025-04-20 N/A
In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a separate, but similar, issue relative to CVE-2017-9468.
CVE-2016-10250 1 Jasper Project 1 Jasper 2025-04-20 N/A
The jp2_colr_destroy function in jp2_cod.c in JasPer before 1.900.13 allows remote attackers to cause a denial of service (NULL pointer dereference) by leveraging incorrect cleanup of JP2 box data on error. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8887.
CVE-2017-5969 1 Xmlsoft 1 Libxml2 2025-04-20 N/A
libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.
CVE-2017-15723 2 Debian, Irssi 2 Debian Linux, Irssi 2025-04-20 N/A
In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message.