Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-1752

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-06 Jun, 2011 | 19:00
Updated At-06 Aug, 2024 | 22:37
Rejected At-
Credits

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:06 Jun, 2011 | 19:00
Updated At:06 Aug, 2024 | 22:37
Rejected At:
▼CVE Numbering Authority (CNA)

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.debian.org/security/2011/dsa-2251
vendor-advisory
x_refsource_DEBIAN
http://www.ubuntu.com/usn/USN-1144-1
vendor-advisory
x_refsource_UBUNTU
http://support.apple.com/kb/HT5130
x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2011:106
vendor-advisory
x_refsource_MANDRIVA
http://secunia.com/advisories/44849
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-0862.html
vendor-advisory
x_refsource_REDHAT
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062211.html
vendor-advisory
x_refsource_FEDORA
http://secunia.com/advisories/44888
third-party-advisory
x_refsource_SECUNIA
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
vendor-advisory
x_refsource_APPLE
http://secunia.com/advisories/45162
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/44681
third-party-advisory
x_refsource_SECUNIA
http://subversion.apache.org/security/CVE-2011-1752-advisory.txt
x_refsource_CONFIRM
http://secunia.com/advisories/44879
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/bid/48091
vdb-entry
x_refsource_BID
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html
vendor-advisory
x_refsource_FEDORA
https://bugzilla.redhat.com/show_bug.cgi?id=709111
x_refsource_CONFIRM
http://secunia.com/advisories/44633
third-party-advisory
x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18922
vdb-entry
signature
x_refsource_OVAL
http://www.securitytracker.com/id?1025617
vdb-entry
x_refsource_SECTRACK
http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGES
x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2011-0861.html
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.debian.org/security/2011/dsa-2251
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.ubuntu.com/usn/USN-1144-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://support.apple.com/kb/HT5130
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:106
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/44849
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0862.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062211.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://secunia.com/advisories/44888
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://secunia.com/advisories/45162
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/44681
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://subversion.apache.org/security/CVE-2011-1752-advisory.txt
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/44879
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/bid/48091
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=709111
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/44633
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18922
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.securitytracker.com/id?1025617
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGES
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0861.html
Resource:
vendor-advisory
x_refsource_REDHAT
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.debian.org/security/2011/dsa-2251
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.ubuntu.com/usn/USN-1144-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://support.apple.com/kb/HT5130
x_refsource_CONFIRM
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2011:106
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://secunia.com/advisories/44849
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2011-0862.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062211.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://secunia.com/advisories/44888
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://secunia.com/advisories/45162
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/44681
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://subversion.apache.org/security/CVE-2011-1752-advisory.txt
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/44879
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/bid/48091
vdb-entry
x_refsource_BID
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html
vendor-advisory
x_refsource_FEDORA
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=709111
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/44633
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18922
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.securitytracker.com/id?1025617
vdb-entry
x_refsource_SECTRACK
x_transferred
http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGES
x_refsource_CONFIRM
x_transferred
http://www.redhat.com/support/errata/RHSA-2011-0861.html
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.debian.org/security/2011/dsa-2251
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-1144-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://support.apple.com/kb/HT5130
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:106
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/44849
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0862.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062211.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://secunia.com/advisories/44888
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://secunia.com/advisories/45162
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/44681
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://subversion.apache.org/security/CVE-2011-1752-advisory.txt
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/44879
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/48091
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=709111
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/44633
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18922
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.securitytracker.com/id?1025617
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGES
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0861.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:06 Jun, 2011 | 19:55
Updated At:29 Apr, 2026 | 01:13

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
The Apache Software Foundation
apache
>>subversion>>Versions before 1.6.17(exclusive)
cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>10.04
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>10.10
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>11.04
cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>5.0
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>6.0
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
Fedora Project
fedoraproject
>>fedora>>14
cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*
Fedora Project
fedoraproject
>>fedora>>15
cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*
Apple Inc.
apple
>>mac_os_x>>Versions before 10.7.3(exclusive)
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-476Primarynvd@nist.gov
CWE ID: CWE-476
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062211.htmlsecalert@redhat.com
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.htmlsecalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/44633secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/44681secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/44849secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/44879secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/44888secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/45162secalert@redhat.com
Third Party Advisory
http://subversion.apache.org/security/CVE-2011-1752-advisory.txtsecalert@redhat.com
Vendor Advisory
http://support.apple.com/kb/HT5130secalert@redhat.com
Vendor Advisory
http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGESsecalert@redhat.com
Release Notes
Third Party Advisory
http://www.debian.org/security/2011/dsa-2251secalert@redhat.com
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:106secalert@redhat.com
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0861.htmlsecalert@redhat.com
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0862.htmlsecalert@redhat.com
Third Party Advisory
http://www.securityfocus.com/bid/48091secalert@redhat.com
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1025617secalert@redhat.com
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-1144-1secalert@redhat.com
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=709111secalert@redhat.com
Issue Tracking
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18922secalert@redhat.com
Third Party Advisory
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062211.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/44633af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/44681af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/44849af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/44879af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/44888af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/45162af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://subversion.apache.org/security/CVE-2011-1752-advisory.txtaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://support.apple.com/kb/HT5130af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGESaf854a3a-2127-422b-91ae-364da2661108
Release Notes
Third Party Advisory
http://www.debian.org/security/2011/dsa-2251af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:106af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0861.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0862.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/48091af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1025617af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-1144-1af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=709111af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18922af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Hyperlink: http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062211.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/44633
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/44681
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/44849
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/44879
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/44888
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/45162
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://subversion.apache.org/security/CVE-2011-1752-advisory.txt
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://support.apple.com/kb/HT5130
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGES
Source: secalert@redhat.com
Resource:
Release Notes
Third Party Advisory
Hyperlink: http://www.debian.org/security/2011/dsa-2251
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:106
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0861.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0862.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/48091
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id?1025617
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.ubuntu.com/usn/USN-1144-1
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=709111
Source: secalert@redhat.com
Resource:
Issue Tracking
Third Party Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18922
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062211.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/44633
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/44681
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/44849
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/44879
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/44888
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/45162
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://subversion.apache.org/security/CVE-2011-1752-advisory.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://support.apple.com/kb/HT5130
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGES
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Release Notes
Third Party Advisory
Hyperlink: http://www.debian.org/security/2011/dsa-2251
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:106
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0861.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0862.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/48091
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id?1025617
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.ubuntu.com/usn/USN-1144-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=709111
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Third Party Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18922
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

2567Records found
CVE-2015-8917
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.66% / 90.55%
||
7 Day CHG~0.00%
Published-20 Sep, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file.

Action-Not Available
Vendor-n/aCanonical Ltd.libarchiveDebian GNU/Linux
Product-debian_linuxlibarchiveubuntu_linuxn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-4186
Matching Score-10
Assigner-GitLab Inc.
ShareView Details
Matching Score-10
Assigner-GitLab Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.13% / 31.70%
||
7 Day CHG~0.00%
Published-30 Dec, 2021 | 00:00
Updated-03 Nov, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Fedora ProjectWireshark Foundation
Product-fedorawiresharkWireshark
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-4443
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-5||MEDIUM
EPSS-1.23% / 79.55%
||
7 Day CHG~0.00%
Published-15 Jul, 2015 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2015-4444.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-acrobatacrobat_readeracrobat_reader_dcwindowsmacosacrobat_dcn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-4444
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-5||MEDIUM
EPSS-1.23% / 79.55%
||
7 Day CHG~0.00%
Published-15 Jul, 2015 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2015-4443.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-acrobatacrobat_readeracrobat_reader_dcwindowsmacosacrobat_dcn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-5180
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.62% / 70.46%
||
7 Day CHG~0.00%
Published-27 Jun, 2017 | 20:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash).

Action-Not Available
Vendor-n/aCanonical Ltd.GNU
Product-glibcubuntu_linuxn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-3194
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-54.49% / 98.07%
||
7 Day CHG+2.59%
Published-06 Dec, 2015 | 00:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.

Action-Not Available
Vendor-n/aCanonical Ltd.OpenSSLDebian GNU/LinuxNode.js (OpenJS Foundation)
Product-debian_linuxubuntu_linuxnode.jsopenssln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-41524
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-3.96% / 88.59%
||
7 Day CHG~0.00%
Published-05 Oct, 2021 | 08:40
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
null pointer dereference in h2 fuzzing

While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project.

Action-Not Available
Vendor-The Apache Software FoundationNetApp, Inc.Fedora ProjectOracle Corporation
Product-http_serverinstantis_enterprisetrackfedoracloud_backupApache HTTP Server
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-39928
Matching Score-10
Assigner-GitLab Inc.
ShareView Details
Matching Score-10
Assigner-GitLab Inc.
CVSS Score-7.5||HIGH
EPSS-1.33% / 80.33%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 00:00
Updated-04 Aug, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Wireshark FoundationDebian GNU/LinuxFedora Project
Product-wiresharkdebian_linuxfedoraWireshark
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-39921
Matching Score-10
Assigner-GitLab Inc.
ShareView Details
Matching Score-10
Assigner-GitLab Inc.
CVSS Score-7.5||HIGH
EPSS-1.33% / 80.33%
||
7 Day CHG~0.00%
Published-19 Nov, 2021 | 00:00
Updated-04 Aug, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Wireshark FoundationDebian GNU/LinuxFedora Project
Product-wiresharkdebian_linuxfedoraWireshark
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-18189
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.71% / 90.60%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 10:00
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service.

Action-Not Available
Vendor-n/aSoX - Sound eXchangeDebian GNU/Linux
Product-debian_linuxsound_exchangen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-39920
Matching Score-10
Assigner-GitLab Inc.
ShareView Details
Matching Score-10
Assigner-GitLab Inc.
CVSS Score-7.5||HIGH
EPSS-0.52% / 67.28%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 00:00
Updated-04 Aug, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Wireshark FoundationFedora Project
Product-wiresharkfedoraWireshark
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-3481
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-6.73% / 91.44%
||
7 Day CHG~0.00%
Published-20 Jul, 2020 | 17:45
Updated-13 Nov, 2024 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Clam AntiVirus (ClamAV) Software Null Pointer Dereference Vulnerability

A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. An attacker could exploit this vulnerability by sending a crafted EGG file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.

Action-Not Available
Vendor-Debian GNU/LinuxFedora ProjectClamAVCanonical Ltd.Cisco Systems, Inc.
Product-ubuntu_linuxclamavdebian_linuxfedoraClamAV
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-38604
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.52%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 15:43
Updated-30 May, 2025 | 19:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.

Action-Not Available
Vendor-n/aOracle CorporationFedora ProjectGNU
Product-communications_cloud_native_core_security_edge_protection_proxyenterprise_operations_monitorfedoracommunications_cloud_native_core_binding_support_functioncommunications_cloud_native_core_network_function_cloud_native_environmentglibccommunications_cloud_native_core_network_repository_functioncommunications_cloud_native_core_unified_data_repositoryn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2009-1387
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-13.46% / 94.35%
||
7 Day CHG~0.00%
Published-04 Jun, 2009 | 16:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug."

Action-Not Available
Vendor-n/aCanonical Ltd.OpenSSLRed Hat, Inc.
Product-ubuntu_linuxopenssln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-14977
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.10% / 78.37%
||
7 Day CHG~0.00%
Published-01 Oct, 2017 | 23:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack.

Action-Not Available
Vendor-n/afreedesktop.orgDebian GNU/Linux
Product-debian_linuxpopplern/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2009-1386
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-47.63% / 97.77%
||
7 Day CHG~0.00%
Published-04 Jun, 2009 | 16:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.

Action-Not Available
Vendor-n/aCanonical Ltd.OpenSSLRed Hat, Inc.
Product-ubuntu_linuxopenssln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-35680
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.80% / 90.68%
||
7 Day CHG~0.00%
Published-24 Dec, 2020 | 15:53
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted pattern of client activity, because the filter state machine does not properly maintain the I/O channel between the SMTP engine and the filters layer.

Action-Not Available
Vendor-opensmtpdn/aFedora Project
Product-opensmtpdfedoran/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-10708
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.12% / 87.10%
||
7 Day CHG~0.00%
Published-21 Jan, 2018 | 22:00
Updated-29 Apr, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

Action-Not Available
Vendor-n/aCanonical Ltd.OpenBSDDebian GNU/LinuxNetApp, Inc.
Product-data_ontapdebian_linuxubuntu_linuxservice_processordata_ontap_edgestoragegrid_webscaleclustered_data_ontaponcommand_unified_manageropensshcloud_backupstoragegridvasa_providern/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-25866
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.45% / 81.15%
||
7 Day CHG~0.00%
Published-06 Oct, 2020 | 14:42
Updated-04 Aug, 2024 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.

Action-Not Available
Vendor-n/aWireshark FoundationOracle CorporationFedora ProjectopenSUSE
Product-wiresharkfedorazfs_storage_appliance_kitleapn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-19752
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 56.23%
||
7 Day CHG~0.00%
Published-07 Sep, 2021 | 19:42
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The find_color_or_error function in gifsicle 1.92 contains a NULL pointer dereference.

Action-Not Available
Vendor-lcdfn/aFedora Project
Product-fedoragifsiclen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-1730
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.11% / 28.98%
||
7 Day CHG~0.00%
Published-13 Apr, 2020 | 00:00
Updated-04 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability.

Action-Not Available
Vendor-libsshRed Hat, Inc.NetApp, Inc.Canonical Ltd.Oracle CorporationFedora Project
Product-ubuntu_linuxcloud_backupfedoraenterprise_linuxlibsshmysql_workbenchlibssh
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2009-1902
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-14.55% / 94.60%
||
7 Day CHG-0.08%
Published-03 Jun, 2009 | 16:33
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The multipart processor in ModSecurity before 2.5.9 allows remote attackers to cause a denial of service (crash) via a multipart form datapost request with a missing part header name, which triggers a NULL pointer dereference.

Action-Not Available
Vendor-trustwaven/aFedora Project
Product-modsecurityfedoran/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-34555
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.48% / 65.72%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 14:56
Updated-04 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenDMARC 1.4.1 and 1.4.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a multi-value From header field.

Action-Not Available
Vendor-trusteddomainn/aFedora Project
Product-fedoraopendmarcn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-34798
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-10.29% / 93.32%
||
7 Day CHG~0.00%
Published-16 Sep, 2021 | 14:40
Updated-04 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL pointer dereference in httpd core

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.

Action-Not Available
Vendor-NetApp, Inc.Debian GNU/LinuxThe Apache Software FoundationOracle CorporationTenable, Inc.Broadcom Inc.Siemens AGFedora Project
Product-peoplesoft_enterprise_peopletoolscommunications_cloud_native_core_network_function_cloud_native_environmentcloud_backuptenable.scstoragegridsinema_serverruggedcom_nmshttp_serverclustered_data_ontapdebian_linuxsinec_nmssinema_remote_connect_serverinstantis_enterprisetrackfedorazfs_storage_appliance_kitenterprise_manager_base_platformbrocade_fabric_operating_system_firmwareApache HTTP Server
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-3480
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.80% / 83.14%
||
7 Day CHG~0.00%
Published-20 May, 2021 | 12:14
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-slapi-nis_projectn/aFedora Project
Product-fedoraslapi-nisslapi-nis
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-31618
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-14.97% / 94.70%
||
7 Day CHG+3.97%
Published-15 Jun, 2021 | 00:00
Updated-03 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL pointer dereference on specially crafted HTTP/2 request

Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why the request was rejected. This rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one received or appeared in a a footer. This led to a NULL pointer dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2 request is easy to craft and submit, this can be exploited to DoS the server. This issue affected mod_http2 1.15.17 and Apache HTTP Server version 2.4.47 only. Apache HTTP Server 2.4.47 was never released.

Action-Not Available
Vendor-The Apache Software FoundationFedora ProjectDebian GNU/LinuxOracle Corporation
Product-http_serverdebian_linuxinstantis_enterprisetrackfedorazfs_storage_appliance_kitenterprise_manager_ops_centerApache HTTP Server
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-30698
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-7.5||HIGH
EPSS-0.47% / 64.93%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 14:28
Updated-03 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Safari 14.1.1, iOS 14.6 and iPadOS 14.6. A remote attacker may be able to cause a denial of service.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osmacossafariipadosmacOSiOS and iPadOS
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2014-9323
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.48% / 81.38%
||
7 Day CHG~0.00%
Published-16 Dec, 2014 | 18:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status.

Action-Not Available
Vendor-firebirdsqln/aCanonical Ltd.openSUSEDebian GNU/Linux
Product-firebirddebian_linuxubuntu_linuxevergreenn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-28543
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4||MEDIUM
EPSS-0.92% / 76.34%
||
7 Day CHG~0.00%
Published-16 Mar, 2021 | 14:43
Updated-03 Aug, 2024 | 21:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service (daemon restart) in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, an assertion failure or NULL pointer dereference can be triggered in Varnish Cache through the varnish-modules header.append() and header.copy() functions. For some Varnish Configuration Language (VCL) files, this gives remote clients an opportunity to cause a Varnish Cache restart. A restart reduces overall availability and performance due to an increased number of cache misses, and may cause higher load on backend servers.

Action-Not Available
Vendor-varnish-cachen/aFedora Project
Product-varnish-modulesfedoravarnish-modules_klarlackn/a
CWE ID-CWE-617
Reachable Assertion
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-1000027
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-66.00% / 98.53%
||
7 Day CHG~0.00%
Published-09 Feb, 2018 | 23:00
Updated-05 Aug, 2024 | 12:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.

Action-Not Available
Vendor-n/aSquid CacheCanonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxdebian_linuxsquidn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2014-3581
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-4.81% / 89.70%
||
7 Day CHG~0.00%
Published-10 Oct, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.

Action-Not Available
Vendor-n/aCanonical Ltd.Oracle CorporationThe Apache Software FoundationRed Hat, Inc.
Product-ubuntu_linuxenterprise_manager_ops_centerenterprise_linux_serverenterprise_linux_server_tusenterprise_linux_desktoplinuxenterprise_linux_server_ausenterprise_linux_eushttp_servern/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-20296
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-1.01% / 77.51%
||
7 Day CHG~0.00%
Published-01 Apr, 2021 | 00:00
Updated-03 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in OpenEXR in versions before 3.0.0-beta. A crafted input file supplied by an attacker, that is processed by the Dwa decompression functionality of OpenEXR's IlmImf library, could cause a NULL pointer dereference. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-openexrn/aDebian GNU/Linux
Product-openexrdebian_linuxOpenEXR
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-13848
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.24% / 87.36%
||
7 Day CHG~0.00%
Published-04 Jun, 2020 | 19:55
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.

Action-Not Available
Vendor-libupnp_projectn/aDebian GNU/Linux
Product-libupnpdebian_linuxn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-13950
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-17.58% / 95.23%
||
7 Day CHG+3.13%
Published-10 Jun, 2021 | 07:10
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
mod_proxy_http NULL pointer dereference

Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service

Action-Not Available
Vendor-The Apache Software FoundationFedora ProjectDebian GNU/LinuxOracle Corporation
Product-http_serverdebian_linuxinstantis_enterprisetrackfedorazfs_storage_appliance_kitenterprise_manager_ops_centerApache HTTP Server
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2013-4412
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.94% / 76.60%
||
7 Day CHG~0.00%
Published-04 Nov, 2019 | 12:44
Updated-06 Aug, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

slim has NULL pointer dereference when using crypt() method from glibc 2.17

Action-Not Available
Vendor-berliosslimDebian GNU/LinuxGNU
Product-glibcslimdebian_linuxslim
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-13575
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.38%
||
7 Day CHG~0.00%
Published-10 Feb, 2021 | 20:01
Updated-13 Feb, 2025 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial-of-service vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

Action-Not Available
Vendor-geniviaGeniviaFedora Project
Product-gsoapfedoragSOAP
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2013-2765
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-5.38% / 90.28%
||
7 Day CHG~0.00%
Published-15 Jul, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.

Action-Not Available
Vendor-trustwaven/aThe Apache Software FoundationopenSUSE
Product-http_servermodsecurityopensusen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-13577
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.70%
||
7 Day CHG~0.00%
Published-10 Feb, 2021 | 00:00
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

Action-Not Available
Vendor-genivian/aFedora Project
Product-gsoapfedoraGenivia
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-7105
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 54.52%
||
7 Day CHG-0.26%
Published-16 Jan, 2020 | 03:36
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a NULL pointer dereference because malloc return values are unchecked.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectRedis Inc.
Product-debian_linuxfedorahiredisn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-13574
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.70%
||
7 Day CHG~0.00%
Published-10 Feb, 2021 | 00:00
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

Action-Not Available
Vendor-genivian/aFedora Project
Product-gsoapfedoraGenivia
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-12059
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 52.11%
||
7 Day CHG~0.00%
Published-22 Apr, 2020 | 00:00
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Ceph through 13.2.9. A POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception.

Action-Not Available
Vendor-n/aThe Linux FoundationCanonical Ltd.
Product-ubuntu_linuxcephn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2006-2661
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-12.64% / 94.11%
||
7 Day CHG~0.00%
Published-30 May, 2006 | 19:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference.

Action-Not Available
Vendor-freetypen/aCanonical Ltd.Debian GNU/Linux
Product-debian_linuxubuntu_linuxfreetypen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-9208
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.14% / 90.97%
||
7 Day CHG~0.00%
Published-28 Feb, 2019 | 04:00
Updated-04 Aug, 2024 | 21:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. This was addressed in epan/dissectors/asn1/tcap/tcap.cnf by avoiding NULL pointer dereferences.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/Linux
Product-wiresharkdebian_linuxn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-3995
Matching Score-10
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-10
Assigner-Tenable Network Security, Inc.
CVSS Score-7.5||HIGH
EPSS-7.96% / 92.22%
||
7 Day CHG~0.00%
Published-17 Dec, 2019 | 21:59
Updated-04 Aug, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. A remote unauthenticated attacker can crash the ELOG server by sending a crafted HTTP GET request.

Action-Not Available
Vendor-elog_projectn/aFedora Project
Product-elogfedoraELOG
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-5010
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-5.9||MEDIUM
EPSS-5.36% / 90.26%
||
7 Day CHG~0.00%
Published-31 Oct, 2019 | 20:05
Updated-04 Aug, 2024 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.

Action-Not Available
Vendor-n/aDebian GNU/LinuxopenSUSERed Hat, Inc.Python Software Foundation
Product-debian_linuxenterprise_linux_server_ausenterprise_linuxenterprise_linux_eusenterprise_linux_server_tuspythonleapPython
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2005-2459
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-5.31% / 90.22%
||
7 Day CHG~0.00%
Published-22 Aug, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2004-0458
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.60% / 82.09%
||
7 Day CHG~0.00%
Published-19 Aug, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference.

Action-Not Available
Vendor-nicolas_boullisn/aDebian GNU/Linux
Product-debian_linuxmah-jongn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-19880
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-8.44% / 92.49%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:07
Updated-05 Aug, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.

Action-Not Available
Vendor-sqliten/aDebian GNU/LinuxNetApp, Inc.Siemens AGRed Hat, Inc.openSUSEOracle CorporationSUSE
Product-enterprise_linux_serversinec_infrastructure_network_servicesdebian_linuxcloud_backupsqlitelinux_enterpriseenterprise_linux_workstationpackage_hubbackports_sleenterprise_linux_desktopmysql_workbenchleapn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-19722
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-1.67% / 82.45%
||
7 Day CHG~0.00%
Published-13 Dec, 2019 | 16:34
Updated-05 Aug, 2024 | 02:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Dovecot before 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference. The email must use a group address as either the sender or the recipient.

Action-Not Available
Vendor-n/aFedora ProjectDovecot
Product-fedoradovecotn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-19923
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.20% / 91.03%
||
7 Day CHG~0.00%
Published-24 Dec, 2019 | 15:43
Updated-05 Aug, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).

Action-Not Available
Vendor-sqliten/aDebian GNU/LinuxNetApp, Inc.Siemens AGRed Hat, Inc.openSUSEOracle CorporationSUSE
Product-sinec_infrastructure_network_servicesenterprise_linux_serverdebian_linuxcloud_backupsqliteenterprise_linux_workstationlinux_enterprisepackage_hubbackports_sleenterprise_linux_desktopmysql_workbenchleapn/a
CWE ID-CWE-476
NULL Pointer Dereference
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 51
  • 52
  • Next
Details not found