Vulnerabilities (CVE)

Filtered by CWE-476
Total 5358 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-7655 2 Debian, Eclipse 2 Debian Linux, Mosquitto 2026-06-17 5.0 MEDIUM 7.5 HIGH
In Eclipse Mosquitto version from 1.0 to 1.4.15, a Null Dereference vulnerability was found in the Mosquitto library which could lead to crashes for those applications using the library.
CVE-2017-7614 1 Gnu 1 Binutils 2026-06-17 7.5 HIGH 9.8 CRITICAL
elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a "member access within null pointer" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an "int main() {return 0;}" program.
CVE-2017-7522 1 Openvpn 1 Openvpn 2026-06-17 4.0 MEDIUM 6.5 MEDIUM
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.
CVE-2017-7511 1 Freedesktop 1 Poppler 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents.
CVE-2017-7507 1 Gnu 1 Gnutls 2026-06-17 5.0 MEDIUM 7.5 HIGH
GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application.
CVE-2017-7502 1 Mozilla 1 Network Security Services 2026-06-17 5.0 MEDIUM 7.5 HIGH
Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.
CVE-2017-7475 1 Cairographics 1 Cairo 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.
CVE-2017-7458 1 Ntop 1 Ntopng 2026-06-17 5.0 MEDIUM 7.5 HIGH
The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng before 3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty field that should have contained a hostname or IP address.
CVE-2017-7453 1 Entropymine 1 Imageworsener 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-7452 1 Entropymine 1 Imageworsener 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
The iwbmp_read_info_header function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-7383 1 Podofo Project 1 Podofo 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
CVE-2017-7382 1 Podofo Project 1 Podofo 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
CVE-2017-7381 1 Podofo Project 1 Podofo 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
CVE-2017-7380 1 Podofo Project 1 Podofo 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
CVE-2017-7374 1 Linux 1 Linux Kernel 2026-06-17 7.2 HIGH 7.8 HIGH
Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely.
CVE-2017-7274 1 Radare 1 Radare2 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PE file.
CVE-2017-7243 1 Eclipse 1 Tinydtls 2026-06-17 5.0 MEDIUM 7.5 HIGH
Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause a denial of service (DTLS peer crash) by sending a "Change cipher spec" packet without pre-handshake.
CVE-2017-7225 1 Gnu 1 Binutils 2026-06-17 5.0 MEDIUM 7.5 HIGH
The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash.
CVE-2017-7209 1 Gnu 1 Binutils 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash.
CVE-2017-7207 1 Artifex 1 Ghostscript 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.