Vulnerabilities (CVE)

CWE filter

CWE-476

Filter

770 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-8377 1 Appneta 1 Tcpreplay 2019-02-21 6.8
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause...
CVE-2019-8376 1 Appneta 1 Tcpreplay 2019-02-21 6.8
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a...
CVE-2019-8357 2 Soundexchange, Sound Exchange Project 2 Sound Exchange, Sound Exchange 2019-02-21 4.3
An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer dereference.
CVE-2017-7659 1 Apache 1 Http Server 2019-02-20 5.0
A maliciously constructed HTTP/2 request could cause mod_http2 in Apache HTTP Server 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process.
CVE-2019-8379 2019-02-20 6.8
An issue was discovered in AdvanceCOMP before 2.1. A NULL pointer dereference exists in the function be_uint32_read() located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of...
CVE-2019-8413 1 Xiaomi 1 Mi Mix 2 Firmware 2019-02-20 4.9
On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer dereference in the ioctl interface of the device file /dev/elliptic1 or /dev/elliptic0 causes a system crash via IOCTL 0x4008c575 (aka decimal 1074316661).
CVE-2019-8382 1 Axiosys 1 Bento4 2019-02-19 6.8
An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in the function AP4_List:Find located in Core/Ap4List.h when called from Core/Ap4Movie.cpp. It can be triggered by sending a crafted file to the mp4dump binary. It...
CVE-2019-8380 1 Axiosys 1 Bento4 2019-02-19 6.8
An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in AP4_Track::GetSampleIndexForTimeStampMs() located in Core/Ap4Track.cpp. It can triggered by sending a crafted file to the mp4audioclip binary. It allows an attacker...
CVE-2018-1302 2 Apache, Debian 2 Http Server, Debian Linux 2019-02-19 4.3
When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability...
CVE-2018-1000168 1 Nghttp2 1 Nghttp2 2019-02-19 5.0
nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via...
CVE-2018-19210 1 Libtiff 1 Libtiff 2019-02-18 4.3
In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.
CVE-2018-17000 1 Libtiff 1 Libtiff 2019-02-18 4.3
A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be...
CVE-2019-5914 1 Nttdocomo 1 V20 Pro L-01j Firmware 2019-02-15 5.7
V20 PRO L-01J software version L01J20c and L01J20d has a NULL pointer exception flaw that can be used by an attacker to cause the device to crash on the same network range via a specially crafted access point.
CVE-2019-7702 1 Webassembly 1 Binaryen 2019-02-11 4.3
A NULL pointer dereference was discovered in wasm::SExpressionWasmBuilder::parseExpression in wasm-s-parser.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-as.
CVE-2018-19407 1 Linux 1 Linux Kernel 2019-02-09 4.9
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
CVE-2018-1066 1 Linux 1 Linux Kernel 2019-02-09 7.1
The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty...
CVE-2018-20751 1 Podofo Project 1 Podofo 2019-02-08 6.8
An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer...
CVE-2018-9190 1 Fortiguard 1 Forticlient 2019-02-08 4.9
A null pointer dereference vulnerability in Fortinet FortiClientWindows 6.0.2 and earlier allows attacker to cause a denial of service via the NDIS miniport driver.
CVE-2017-3135 4 Isc, Netapp, Debian and 1 more 10 Bind, Data Ontap Edge, Element Software Management Node and 7 more 2019-02-08 4.3
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8,...
CVE-2018-11803 2 Apache, Canonical 2 Subversion, Ubuntu Linux 2019-02-08 5.0
Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation.