Export limit exceeded: 363286 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (5705 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-20266 | 1 Cisco | 1 Ios Xr Software | 2026-04-15 | 5.3 Medium |
| A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to cause a crash of the dhcpd process. While the dhcpd process is restarting, which may take approximately two minutes, DHCPv4 server services are unavailable on the affected device. This could temporarily prevent network access to clients that join the network during that time period and rely on the DHCPv4 server of the affected device. Notes: Only the dhcpd process crashes and eventually restarts automatically. The router does not reload. This vulnerability only applies to DHCPv4. DHCP version 6 (DHCPv6) is not affected. | ||||
| CVE-2025-20262 | 1 Cisco | 4 Nexus, Nexus 3000, Nexus 9000 and 1 more | 2026-04-15 | 5 Medium |
| A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition. This vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes. | ||||
| CVE-2024-24194 | 1 Robdns | 1 Robdns | 2026-04-15 | 7.5 High |
| robdns commit d76d2e6 was discovered to contain a NULL pointer dereference via the item->tokens component at /src/conf-parse.c. | ||||
| CVE-2025-2957 | 2026-04-15 | 6.5 Medium | ||
| A vulnerability was found in TRENDnet TEW-411BRP+ 2.07. It has been classified as problematic. Affected is the function sub_401DB0 of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-2956 | 2026-04-15 | 6.5 Medium | ||
| A vulnerability was found in TRENDnet TI-G102i 1.0.7.S0_ /1.0.8.S0_ and classified as problematic. This issue affects the function plugins_call_handle_uri_raw of the file /usr/sbin/lighttpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-39130 | 1 Wangf1978 | 1 Dumpts | 2026-04-15 | 7.5 High |
| A NULL Pointer Dereference discovered in DumpTS v0.1.0-nightly allows attackers to cause a denial of service via the function DumpOneStream() at /src/DumpStream.cpp. | ||||
| CVE-2024-39132 | 2026-04-15 | 6.5 Medium | ||
| A NULL Pointer Dereference vulnerability in DumpTS v0.1.0-nightly allows attackers to cause a denial of service via the function VerifyCommandLine() at /src/DumpTS.cpp. | ||||
| CVE-2024-39356 | 2026-04-15 | 7.4 High | ||
| NULL pointer dereference in some Intel(R) PROSet/Wireless WiFi and Killerâ„¢ WiFi software for Windows before version 23.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2025-61668 | 1 Plone | 1 Volto | 2026-04-15 | N/A |
| Volto is a ReactJS-based frontend for the Plone Content Management System. Versions 16.34.0 and below, 17.0.0 through 17.22.1, 18.0.0 through 18.27.1, and 19.0.0-alpha.1 through 19.0.0-alpha.5, an anonymous user could cause the NodeJS server part of Volto to quit with an error when visiting a specific URL. This issue is fixed in versions 16.34.1, 17.22.2, 18.27.2 and 19.0.0-alpha.6. | ||||
| CVE-2024-12227 | 1 Msi | 1 Dragon Center | 2026-04-15 | 5.5 Medium |
| A vulnerability, which was classified as problematic, was found in MSI Dragon Center up to 2.0.146.0. This affects the function MmUnMapIoSpace in the library NTIOLib_X64.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. Upgrading to version 2.0.148.0 is able to address this issue. It is recommended to upgrade the affected component. | ||||
| CVE-2024-24442 | 2026-04-15 | 7.5 High | ||
| A NULL pointer dereference in the ngap_app::handle_receive routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP message. | ||||
| CVE-2024-24443 | 2026-04-15 | 6.5 Medium | ||
| An uninitialized pointer dereference in the ngap_handle_pdu_session_resource_setup_response routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDU Session Resource Setup Response. | ||||
| CVE-2025-23332 | 2 Linux, Nvidia | 10 Linux, Display Driver, Driver and 7 more | 2026-04-15 | 5 Medium |
| NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deference. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2025-25471 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-15 | 4.3 Medium |
| FFmpeg git master before commit fd1772 was discovered to contain a NULL pointer dereference via the component libavformat/mov.c. | ||||
| CVE-2025-25473 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-15 | 5.3 Medium |
| FFmpeg git master before commit c08d30 was discovered to contain a memory leak in the avformat_free_context function in libavutil/mem.c. | ||||
| CVE-2024-24445 | 2026-04-15 | 6.5 Medium | ||
| OpenAirInterface CN5G AMF (oai-cn5g-amf) <= 2.0.0 contains a null dereference in its handling of unsupported NGAP protocol messages which allows an attacker with network-adjacent access to the AMF to carry out denial of service. When a procedure code/presence field tuple is received that is unsupported, OAI indexes into a null function pointer and subsequently dereferences it. | ||||
| CVE-2024-24446 | 1 Openairinterface | 1 Cn5g Amf | 2026-04-15 | 6.5 Medium |
| An uninitialized pointer dereference in OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted InitialContextSetupResponse message sent to the AMF. | ||||
| CVE-2024-3186 | 1 Embedthis | 1 Goahead | 2026-04-15 | 5.3 Medium |
| CWE-476 NULL Pointer Dereference vulnerability in the evalExpr() function of GoAhead Web Server (version <= 6.0.0) when compiled with the ME_GOAHEAD_JAVASCRIPT flag. This vulnerability allows a remote attacker with the privileges to modify JavaScript template (JST) files to trigger a crash and cause a Denial of Service (DoS) by providing malicious templates. | ||||
| CVE-2024-3184 | 1 Embedthis | 1 Goahead | 2026-04-15 | 5.9 Medium |
| Multiple CWE-476 NULL Pointer Dereference vulnerabilities were found in GoAhead Web Server up to version 6.0.0 when compiled with the ME_GOAHEAD_REPLACE_MALLOC flag. Without a memory notifier for allocation failures, remote attackers can exploit these vulnerabilities by sending malicious requests, leading to a crash and Denial of Service (DoS). | ||||
| CVE-2023-51391 | 1 Silabs | 1 Gecko Software Development Kit | 2026-04-15 | 7.5 High |
| A bug in Micrium OS Network HTTP Server permits an invalid pointer dereference during header processing - potentially allowing a device crash and Denial of Service. | ||||