Export limit exceeded: 356092 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (5585 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-14928 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2025-04-20 | 5.5 Medium |
| In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Configuration::Configuration in Annot.cc via a crafted PDF document. | ||||
| CVE-2017-14927 | 1 Freedesktop | 1 Poppler | 2025-04-20 | N/A |
| In Poppler 0.59.0, a NULL Pointer Dereference exists in the SplashOutputDev::type3D0() function in SplashOutputDev.cc via a crafted PDF document. | ||||
| CVE-2017-14926 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2025-04-20 | 5.5 Medium |
| In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Content::Content in Annot.cc via a crafted PDF document. | ||||
| CVE-2017-14863 | 1 Exiv2 | 1 Exiv2 | 2025-04-20 | N/A |
| A NULL pointer dereference was discovered in Exiv2::Image::printIFDStructure in image.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||||
| CVE-2016-5027 | 1 Libdwarf Project | 1 Libdwarf | 2025-04-20 | N/A |
| dwarf_form.c in libdwarf 20160115 allows remote attackers to cause a denial of service (crash) via a crafted elf file. | ||||
| CVE-2017-14340 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2025-04-20 | N/A |
| The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory. | ||||
| CVE-2017-14318 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| An issue was discovered in Xen 4.5.x through 4.9.x. The function `__gnttab_cache_flush` handles GNTTABOP_cache_flush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table is checked to see if a grant mapping to the calling domain exists for the page in question. However, the function does not check to see if the owning domain actually has a grant table or not. Some special domains, such as `DOMID_XEN`, `DOMID_IO` and `DOMID_COW` are created without grant tables. Hence, if __gnttab_cache_flush operates on a page owned by these special domains, it will attempt to dereference a NULL pointer in the domain struct. | ||||
| CVE-2017-14228 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2025-04-20 | N/A |
| In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function paste_tokens() in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service. | ||||
| CVE-2017-14225 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but callers do not anticipate this, as demonstrated by the avcodec_string function in libavcodec/utils.c, leading to a NULL pointer dereference. (It is also conceivable that there is security relevance for a NULL pointer dereference in av_color_primaries_name calls within the ffprobe command-line program.) | ||||
| CVE-2017-14181 | 1 Aacplusenc Project | 1 Aacplusenc | 2025-04-20 | N/A |
| DeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc 0.17.5 allows remote attackers to cause a denial of service (invalid memory write, SEGV on unknown address 0x000000000030, and application crash) or possibly have unspecified other impact via a crafted .wav file, aka a NULL pointer dereference. | ||||
| CVE-2017-14149 | 1 Embedthis | 1 Goahead | 2025-04-20 | N/A |
| GoAhead 3.4.0 through 3.6.5 has a NULL Pointer Dereference in the websDecodeUrl function in http.c, leading to a crash for a "POST / HTTP/1.1" request. | ||||
| CVE-2017-14121 | 2 Debian, Rarlab | 2 Debian Linux, Unrar | 2025-04-20 | 5.5 Medium |
| The DecodeNumber function in unrarlib.c in unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a NULL pointer dereference flaw triggered by a crafted RAR archive. NOTE: this may be the same as one of the several test cases in the CVE-2017-11189 references. | ||||
| CVE-2017-13135 | 1 Libbpg Project | 1 Libbpg | 2025-04-20 | N/A |
| A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg 0.9.7 and other products, because the CUData::initialize function in common/cudata.cpp mishandles memory-allocation failure. | ||||
| CVE-2017-12476 | 1 Bento4 | 1 Bento4 | 2025-04-20 | N/A |
| The AP4_AvccAtom::InspectFields function in Core/Ap4AvccAtom.cpp in Bento4 mp4dump before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file. | ||||
| CVE-2017-12475 | 1 Axiosys | 1 Bento4 | 2025-04-20 | N/A |
| The AP4_Processor::Process function in Core/Ap4Processor.cpp in Bento4 mp4encrypt before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file. | ||||
| CVE-2017-12474 | 1 Bento4 | 1 Bento4 | 2025-04-20 | N/A |
| The AP4_AtomSampleTable::GetSample function in Core/Ap4AtomSampleTable.cpp in Bento4 mp42ts before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file. | ||||
| CVE-2017-12457 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The bfd_make_section_with_flags function in section.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a NULL dereference via a crafted file. | ||||
| CVE-2017-11189 | 1 Rarzilla | 1 Unrar-free | 2025-04-20 | 6.5 Medium |
| unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash), which could be relevant if unrarlib is used as library code for a long-running application. NOTE: one of the several test cases in the references may be the same as what was separately reported as CVE-2017-14121. | ||||
| CVE-2017-11125 | 1 Xar Project | 1 Xar | 2025-04-20 | N/A |
| libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c. | ||||
| CVE-2017-11124 | 1 Xar Project | 1 Xar | 2025-04-20 | N/A |
| libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c. | ||||