Search Results (5723 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-1922 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-12 5.5 Medium
QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'current_cpu' remains null, which leads to the null pointer dereference. A user or process could use this flaw to crash the QEMU instance, resulting in DoS issue.
CVE-2016-1865 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2025-04-12 N/A
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.
CVE-2016-9294 1 Artifex 1 Mujs 2025-04-12 7.5 High
Artifex Software, Inc. MuJS before 5008105780c0b0182ea6eda83ad5598f225be3ee allows context-dependent attackers to conduct "denial of service (application crash)" attacks by using the "malformed labeled break/continue in JavaScript" approach, related to a "NULL pointer dereference" issue affecting the jscompile.c component.
CVE-2016-9117 1 Uclouvain 1 Openjpeg 2025-04-12 N/A
NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
CVE-2016-9116 1 Uclouvain 1 Openjpeg 2025-04-12 N/A
NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
CVE-2016-9114 1 Uclouvain 1 Openjpeg 2025-04-12 N/A
There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
CVE-2016-9113 1 Uclouvain 1 Openjpeg 2025-04-12 N/A
There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
CVE-2014-0101 4 Canonical, F5, Linux and 1 more 30 Ubuntu Linux, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 27 more 2025-04-12 N/A
The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.
CVE-2015-7068 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2025-04-12 N/A
IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type.
CVE-2015-3146 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2025-04-12 N/A
The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted SSH packet.
CVE-2014-4342 3 Debian, Mit, Redhat 8 Debian Linux, Kerberos, Kerberos 5 and 5 more 2025-04-12 N/A
MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.
CVE-2014-0198 7 Debian, Fedoraproject, Mariadb and 4 more 11 Debian Linux, Fedora, Mariadb and 8 more 2025-04-12 N/A
The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.
CVE-2014-0190 4 Canonical, Fedoraproject, Opensuse and 1 more 4 Ubuntu Linux, Fedora, Opensuse and 1 more 2025-04-12 N/A
The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.
CVE-2013-4119 1 Freerdp 1 Freerdp 2025-04-12 N/A
FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by disconnecting before authentication has finished.
CVE-2013-4118 2 Freerdp, Opensuse 3 Freerdp, Leap, Opensuse 2025-04-12 N/A
FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.
CVE-2015-1721 1 Microsoft 9 Windows 7, Windows 8, Windows 8.1 and 6 more 2025-04-12 N/A
The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application, aka "Win32k Null Pointer Dereference Vulnerability."
CVE-2015-8324 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-12 N/A
The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference and panic) via a crafted USB device, related to the ext4_fill_super function.
CVE-2016-2391 3 Canonical, Debian, Qemu 3 Ubuntu Linux, Debian Linux, Qemu 2025-04-12 5.0 Medium
The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers.
CVE-2016-2198 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-12 5.5 Medium
QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process instance resulting in DoS.
CVE-2015-1803 4 Canonical, Debian, Redhat and 1 more 4 Ubuntu Linux, Debian Linux, Enterprise Linux and 1 more 2025-04-12 N/A
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a crafted BDF font file.