Vulnerabilities (CVE)

Filtered by CWE-476
Total 5359 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-13768 3 Canonical, Debian, Imagemagick 3 Ubuntu Linux, Debian Linux, Imagemagick 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.
CVE-2017-13764 1 Wireshark 1 Wireshark 2026-06-17 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0, the Modbus dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/packet-mbtcp.c by adding length validation.
CVE-2017-13712 1 Lame Project 1 Lame 2026-06-17 5.0 MEDIUM 7.5 HIGH
NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument.
CVE-2017-13710 1 Gnu 1 Binutils 2026-06-17 5.0 MEDIUM 7.5 HIGH
The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small.
CVE-2017-13686 1 Linux 1 Linux Kernel 2026-06-17 7.2 HIGH 7.8 HIGH
net/ipv4/route.c in the Linux kernel 4.13-rc1 through 4.13-rc6 is too late to check for a NULL fi field when RTM_F_FIB_MATCH is set, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via crafted system calls. NOTE: this does not affect any stable release.
CVE-2017-13291 1 Google 1 Android 2026-06-17 7.8 HIGH 7.5 HIGH
In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible NULL pointer dereference due to missing bounds checks. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-71603553.
CVE-2017-13235 1 Google 1 Android 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
A other vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68342866.
CVE-2017-13135 1 Libbpg Project 1 Libbpg 2026-06-17 6.8 MEDIUM 7.8 HIGH
A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg 0.9.7 and other products, because the CUData::initialize function in common/cudata.cpp mishandles memory-allocation failure.
CVE-2017-13065 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c.
CVE-2017-12952 1 Libgig0 1 Libgig 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
The LoadString function in helper.h in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.
CVE-2017-12950 1 Linuxsampler 1 Libgig 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
The gig::Region::Region function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.
CVE-2017-12923 1 Libfpx Project 1 Libfpx 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
OLEStream::WriteVT_LPSTR in olestrm.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image.
CVE-2017-12922 1 Libfpx Project 1 Libfpx 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
wchar.c in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image.
CVE-2017-12921 1 Libfpx Project 1 Libfpx 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
PFileFlashPixView::GetGlobalInfoProperty in f_fpxvw.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image.
CVE-2017-12920 1 Libfpx Project 1 Libfpx 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
CDirectory::GetDirEntry in dir.cxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image.
CVE-2017-12809 2 Debian, Qemu 2 Debian Linux, Qemu 2026-06-17 2.1 LOW 6.5 MEDIUM
QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive.
CVE-2017-12803 1 Matroska 1 Mkclean 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
The Node_ValidatePtr function in corec/corec/node/node.c in mkclean 0.8.9 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
CVE-2017-12800 1 Matroska 3 Libebml2, Mkclean, Mkvalidator 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
The EBML_FindNextElement function in ebmlmain.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.
CVE-2017-12781 1 Matroska 3 Libebml2, Mkclean, Mkvalidator 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
The EBML_BufferToID function in ebmlelement.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.
CVE-2017-12779 1 Matroska 1 Mkvalidator 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
The Node_GetData function in corec/corec/node/node.c in mkvalidator 0.5.1 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.