Total
3856 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-6460 | 1 Gnu | 1 Recutils | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_field_set_name() in the file rec-field.c in librec.a. | |||||
| CVE-2019-6456 | 1 Gnu | 1 Recutils | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_fex_size() in the file rec-fex.c of librec.a. | |||||
| CVE-2019-6445 | 1 Ntpsec | 1 Ntpsec | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem. | |||||
| CVE-2019-6137 | 1 Mz-automation | 1 Lib60870 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress in link_layer/link_layer.c has a NULL pointer dereference. | |||||
| CVE-2019-5914 | 1 Nttdocomo | 2 V20 Pro L-01j, V20 Pro L-01j Firmware | 2024-11-21 | 5.7 MEDIUM | 5.3 MEDIUM |
| V20 PRO L-01J software version L01J20c and L01J20d has a NULL pointer exception flaw that can be used by an attacker to cause the device to crash on the same network range via a specially crafted access point. | |||||
| CVE-2019-5691 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a NULL pointer is dereferenced, which may lead to denial of service or escalation of privileges. | |||||
| CVE-2019-5668 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSubmitCommandVirtual in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to denial of service or escalation of privileges. | |||||
| CVE-2019-5667 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSetRootPageTable in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to code execution, denial of service or escalation of privileges. | |||||
| CVE-2019-5256 | 1 Huawei | 34 Ap2000, Ap2000 Firmware, Espace U1981 and 31 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local attacker could exploit this vulnerability by sending crafted parameters. A successful exploit could cause a denial of service and the process reboot. | |||||
| CVE-2019-5235 | 1 Huawei | 100 Alp-al00b, Alp-al00b Firmware, Alp-tl00b and 97 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal. | |||||
| CVE-2019-5055 | 1 Netgear | 2 Wnr2000, Wnr2000 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon (hostapd) on the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) wireless router. A SOAP request sent in an invalid sequence to the <WFAWLANConfig:1#PutMessage> service can cause a null pointer dereference, resulting in the hostapd service crashing. An unauthenticated attacker can send a specially-crafted SOAP request to trigger this vulnerability. | |||||
| CVE-2019-5054 | 1 Netgear | 2 Wnr2000, Wnr2000 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) HTTP server. An HTTP request with an empty User-Agent string sent to a page requiring authentication can cause a null pointer dereference, resulting in the HTTP service crashing. An unauthenticated attacker can send a specially crafted HTTP request to trigger this vulnerability. | |||||
| CVE-2019-5010 | 4 Debian, Opensuse, Python and 1 more | 7 Debian Linux, Leap, Python and 4 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability. | |||||
| CVE-2019-5008 | 1 Qemu | 1 Qemu | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver. | |||||
| CVE-2019-5007 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is an Out-of-Bounds Read Information Disclosure and crash due to a NULL pointer dereference when reading TIFF data during TIFF parsing. | |||||
| CVE-2019-5006 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is a NULL pointer dereference during PDF parsing. | |||||
| CVE-2019-3995 | 2 Elog Project, Fedoraproject | 2 Elog, Fedora | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. A remote unauthenticated attacker can crash the ELOG server by sending a crafted HTTP GET request. | |||||
| CVE-2019-3840 | 2 Opensuse, Redhat | 2 Leap, Libvirt | 2024-11-21 | 3.5 LOW | 5.8 MEDIUM |
| A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service. | |||||
| CVE-2019-2334 | 1 Qualcomm | 88 Mdm9150, Mdm9150 Firmware, Mdm9206 and 85 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Null pointer dereferencing can happen when playing the clip with wrong block group id in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016 | |||||
| CVE-2019-2264 | 1 Qualcomm | 52 Mdm9607, Mdm9607 Firmware, Mdm9640 and 49 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Null pointer dereference occurs for channel context while opening glink channel in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9607, MDM9640, MSM8909W, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SDM439, SDM630, SDM660, SDX24 | |||||