Search Results (5721 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-15306 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-20 N/A
The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl call to /dev/kvm.
CVE-2017-15299 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-20 N/A
The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted system call.
CVE-2017-12779 1 Matroska 1 Mkvalidator 2025-04-20 N/A
The Node_GetData function in corec/corec/node/node.c in mkvalidator 0.5.1 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.
CVE-2017-4925 2 Apple, Vmware 5 Mac Os X, Esxi, Fusion and 2 more 2025-04-20 5.5 Medium
VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC requests. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.
CVE-2017-6847 1 Podofo Project 1 Podofo 2025-04-20 N/A
The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-4938 1 Vmware 2 Fusion, Workstation 2025-04-20 N/A
VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a guest RPC NULL pointer dereference vulnerability. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.
CVE-2017-0315 2 Microsoft, Nvidia 2 Windows, Gpu Driver 2025-04-20 N/A
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an attempt to access an invalid object pointer may lead to denial of service or potential escalation of privileges.
CVE-2017-0341 2 Microsoft, Nvidia 2 Windows, Gpu Driver 2025-04-20 N/A
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where user provided input can trigger an access to a pointer that has not been initialized which may lead to denial of service or potential escalation of privileges.
CVE-2017-3169 2 Apache, Redhat 5 Http Server, Enterprise Linux, Jboss Core Services and 2 more 2025-04-20 N/A
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.
CVE-2017-5969 1 Xmlsoft 1 Libxml2 2025-04-20 N/A
libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.
CVE-2017-9051 1 Libav 1 Libav 2025-04-20 N/A
libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c.
CVE-2017-9083 1 Freedesktop 1 Poppler 2025-04-20 N/A
poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. For example, the perf_test utility will crash (segmentation fault) when parsing an invalid PDF file.
CVE-2014-3164 1 Google 1 Android 2025-04-20 N/A
cmds/servicemanager/service_manager.c in Android before commit 7d42a3c31ba78a418f9bdde0e0ab951469f321b5 allows attackers to cause a denial of service (NULL pointer dereference, or out-of-bounds write) via vectors related to binder passed lengths.
CVE-2017-1000201 2 Redhat, Tcmu-runner Project 2 Storage, Tcmu-runner 2025-04-20 N/A
The tcmu-runner daemon in tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a local denial of service attack
CVE-2017-15920 1 Watchdogdevelopment 2 Anti-malware, Online Security Pro 2025-04-20 N/A
In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002054. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated.
CVE-2017-5991 2 Artifex, Debian 2 Mupdf, Debian Linux 2025-04-20 7.5 High
An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected.
CVE-2017-6463 2 Ntp, Redhat 2 Ntp, Enterprise Linux 2025-04-20 N/A
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a :config directive, related to the unpeer option.
CVE-2016-4780 1 Apple 1 Mac Os X 2025-04-20 N/A
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "Thunderbolt" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
CVE-2017-10965 1 Irssi 1 Irssi 2025-04-20 N/A
An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer.
CVE-2022-23525 2 Helm, Redhat 2 Helm, Openshift 2025-04-18 5.3 Medium
Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the _repo_package. The _repo_ package contains a handler that processes the index file of a repository. For example, the Helm client adds references to chart repositories where charts are managed. The _repo_ package parses the index file of the repository and loads it into structures Go can work with. Some index files can cause array data structures to be created causing a memory violation. Applications that use the _repo_ package in the Helm SDK to parse an index file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. The Helm Client will panic with an index file that causes a memory violation panic. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate index files that are correctly formatted before passing them to the _repo_ functions.