Total
4084 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-12436 | 2 Canonical, Samba | 2 Ubuntu Linux, Samba | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service. This is related to an attacker using the paged search control. The attacker must have directory read access in order to attempt an exploit. | |||||
| CVE-2019-12435 | 1 Samba | 1 Samba | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer dereference, leading to Denial of Service. This is related to the AD DC DNS management server (dnsserver) RPC server process. | |||||
| CVE-2019-12412 | 1 Apache | 1 Libapreq2 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a process crash. A remote attacker could send a request causing a process crash which could lead to a denial of service attack. | |||||
| CVE-2019-12382 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference | |||||
| CVE-2019-12381 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL | |||||
| CVE-2019-12378 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue | |||||
| CVE-2019-12312 | 1 Libreswan | 1 Libreswan | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon restart. An attacker can trigger a NULL pointer dereference by initiating an IKEv2 IKE_SA_INIT exchange, followed by a bogus INFORMATIONAL exchange instead of the normallly expected IKE_AUTH exchange. This affects send_v2N_spi_response_from_state() in programs/pluto/ikev2_send.c that will then trigger a NULL pointer dereference leading to a restart of libreswan. | |||||
| CVE-2019-12259 | 4 Belden, Siemens, Sonicwall and 1 more | 49 Garrettcom Magnum Dx940e, Garrettcom Magnum Dx940e Firmware, Hirschmann Dragon Mach4000 and 46 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing. | |||||
| CVE-2019-12218 | 1 Libsdl | 2 Sdl2 Image, Simple Directmedia Layer | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c. | |||||
| CVE-2019-12217 | 1 Libsdl | 2 Sdl2 Image, Simple Directmedia Layer | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c. | |||||
| CVE-2019-12175 | 1 Zeek | 1 Zeek | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Zeek Network Security Monitor (formerly known as Bro) before 2.6.2, a NULL pointer dereference in the Kerberos (aka KRB) protocol parser leads to DoS because a case-type index is mishandled. | |||||
| CVE-2019-12155 | 1 Qemu | 1 Qemu | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference. | |||||
| CVE-2019-12111 | 2 Debian, Miniupnp Project | 2 Debian Linux, Miniupnpd | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c. | |||||
| CVE-2019-12110 | 1 Miniupnp.free | 1 Miniupnpd | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c. | |||||
| CVE-2019-12109 | 1 Miniupnp Project | 1 Miniupnpd | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port. | |||||
| CVE-2019-12108 | 1 Miniupnp Project | 1 Miniupnpd | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port. | |||||
| CVE-2019-12101 | 1 Libnyoci Project | 1 Libnyoci | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| coap_decode_option in coap.c in LibNyoci 0.07.00rc1 mishandles certain packets with "Uri-Path: (null)" and consequently allows remote attackers to cause a denial of service (segmentation fault). | |||||
| CVE-2019-12067 | 4 Debian, Fedoraproject, Qemu and 1 more | 5 Debian Linux, Fedora, Qemu and 2 more | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
| The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null. | |||||
| CVE-2019-11867 | 1 Realtek | 1 Ndis | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Realtek NDIS driver rt640x64.sys, file version 10.1.505.2015, fails to do any size checking on an input buffer from user space, which the driver assumes has a size greater than zero bytes. To exploit this vulnerability, an attacker must send an IRP with a system buffer size of 0. | |||||
| CVE-2019-11810 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free. | |||||