Total
3726 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-2678 | 3 Fedoraproject, Linux, Oracle | 3 Fedora, Linux Kernel, Linux | 2025-04-12 | 4.7 MEDIUM | N/A |
| The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports. | |||||
| CVE-2016-2391 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2025-04-12 | 2.1 LOW | 5.0 MEDIUM |
| The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers. | |||||
| CVE-2016-4626 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. | |||||
| CVE-2016-9117 | 1 Uclouvain | 1 Openjpeg | 2025-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file. | |||||
| CVE-2016-7905 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| The read_gab2_sub function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (NULL pointer used) via a crafted AVI file. | |||||
| CVE-2013-4119 | 1 Freerdp | 1 Freerdp | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by disconnecting before authentication has finished. | |||||
| CVE-2016-5423 | 2 Debian, Postgresql | 2 Debian Linux, Postgresql | 2025-04-12 | 6.5 MEDIUM | 8.3 HIGH |
| PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types. | |||||
| CVE-2016-9443 | 1 Tats | 1 W3m | 2025-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | |||||
| CVE-2016-7131 | 1 Php | 1 Php | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via a malformed wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a tag that lacks a < (less than) character. | |||||
| CVE-2016-7445 | 2 Opensuse, Uclouvain | 2 Leap, Openjpeg | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving the variable s. | |||||
| CVE-2016-9018 | 1 Realnetworks | 1 Realplayer | 2025-04-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| Improper handling of a repeating VRAT chunk in qcpfformat.dll allows attackers to cause a Null pointer dereference and crash in RealNetworks RealPlayer 18.1.5.705 through a crafted .QCP media file. | |||||
| CVE-2016-8630 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| The x86_decode_insn function in arch/x86/kvm/emulate.c in the Linux kernel before 4.8.7, when KVM is enabled, allows local users to cause a denial of service (host OS crash) via a certain use of a ModR/M byte in an undefined instruction. | |||||
| CVE-2016-5354 | 1 Wireshark | 1 Wireshark | 2025-04-12 | 4.3 MEDIUM | 5.9 MEDIUM |
| The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2016-1811 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| ImageIO in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image. | |||||
| CVE-2016-6327 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORT_TASK command to abort a device write operation. | |||||
| CVE-2014-9660 | 7 Canonical, Debian, Fedoraproject and 4 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2025-04-12 | 7.5 HIGH | N/A |
| The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font. | |||||
| CVE-2014-9323 | 4 Canonical, Debian, Firebirdsql and 1 more | 4 Ubuntu Linux, Debian Linux, Firebird and 1 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status. | |||||
| CVE-2016-9629 | 1 Tats | 1 W3m | 2025-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | |||||
| CVE-2015-8551 | 4 Debian, Linux, Opensuse and 1 more | 8 Debian Linux, Linux Kernel, Opensuse and 5 more | 2025-04-12 | 4.7 MEDIUM | 6.0 MEDIUM |
| The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks." | |||||
| CVE-2016-9562 | 1 Sap | 1 Netweaver Application Server Java | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer exception and icman outage) via an HTTPS request to the sap.com~P4TunnelingApp!web/myServlet URI, aka SAP Security Note 2313835. | |||||