Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2016-10248

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-15 Mar, 2017 | 14:00
Updated At-06 Aug, 2024 | 03:14
Rejected At-
Credits

The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) via vectors involving an empty sequence.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:15 Mar, 2017 | 14:00
Updated At:06 Aug, 2024 | 03:14
Rejected At:
▼CVE Numbering Authority (CNA)

The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) via vectors involving an empty sequence.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/
x_refsource_MISC
https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd
x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2017:1208
vendor-advisory
x_refsource_REDHAT
http://www.securityfocus.com/bid/93797
vdb-entry
x_refsource_BID
https://usn.ubuntu.com/3693-1/
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/
Resource:
x_refsource_MISC
Hyperlink: https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd
Resource:
x_refsource_CONFIRM
Hyperlink: https://access.redhat.com/errata/RHSA-2017:1208
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.securityfocus.com/bid/93797
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://usn.ubuntu.com/3693-1/
Resource:
vendor-advisory
x_refsource_UBUNTU
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/
x_refsource_MISC
x_transferred
https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd
x_refsource_CONFIRM
x_transferred
https://access.redhat.com/errata/RHSA-2017:1208
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.securityfocus.com/bid/93797
vdb-entry
x_refsource_BID
x_transferred
https://usn.ubuntu.com/3693-1/
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2017:1208
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.securityfocus.com/bid/93797
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://usn.ubuntu.com/3693-1/
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:15 Mar, 2017 | 14:59
Updated At:20 Apr, 2025 | 01:37

The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) via vectors involving an empty sequence.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
JasPer
jasper_project
>>jasper>>Versions up to 1.900.8(inclusive)
cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-476Primarynvd@nist.gov
CWE ID: CWE-476
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/93797cve@mitre.org
N/A
https://access.redhat.com/errata/RHSA-2017:1208cve@mitre.org
N/A
https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/cve@mitre.org
Exploit
Issue Tracking
Patch
Third Party Advisory
VDB Entry
https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bdcve@mitre.org
Patch
Third Party Advisory
https://usn.ubuntu.com/3693-1/cve@mitre.org
N/A
http://www.securityfocus.com/bid/93797af854a3a-2127-422b-91ae-364da2661108
N/A
https://access.redhat.com/errata/RHSA-2017:1208af854a3a-2127-422b-91ae-364da2661108
N/A
https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/af854a3a-2127-422b-91ae-364da2661108
Exploit
Issue Tracking
Patch
Third Party Advisory
VDB Entry
https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bdaf854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
https://usn.ubuntu.com/3693-1/af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://www.securityfocus.com/bid/93797
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2017:1208
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/
Source: cve@mitre.org
Resource:
Exploit
Issue Tracking
Patch
Third Party Advisory
VDB Entry
Hyperlink: https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
Hyperlink: https://usn.ubuntu.com/3693-1/
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/93797
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2017:1208
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Issue Tracking
Patch
Third Party Advisory
VDB Entry
Hyperlink: https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
Hyperlink: https://usn.ubuntu.com/3693-1/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

521Records found
CVE-2008-3597
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.50% / 87.13%
||
7 Day CHG~0.00%
Published-12 Aug, 2008 | 17:00
Updated-07 Aug, 2024 | 09:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Skulltag before 0.97d2-RC6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by sending a "command 29" packet when the player is not in the game.

Action-Not Available
Vendor-skulltagn/a
Product-skulltagn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-22052
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-7.5||HIGH
EPSS-2.96% / 85.94%
||
7 Day CHG+0.16%
Published-04 Apr, 2024 | 19:45
Updated-03 Oct, 2024 | 22:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack

Action-Not Available
Vendor-Ivanti Software
Product-policy_secureconnect_securePolicy SecureConnect Securepolicy_secureconnect_secure
CWE ID-CWE-703
Improper Check or Handling of Exceptional Conditions
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-5391
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.89% / 74.58%
||
7 Day CHG~0.00%
Published-13 Jun, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libreswan before 3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto daemon restart).

Action-Not Available
Vendor-libreswann/aFedora Project
Product-fedoralibreswann/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-4957
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-57.88% / 98.09%
||
7 Day CHG~0.00%
Published-05 Jul, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.

Action-Not Available
Vendor-ntpn/aopenSUSESUSENovellOracle Corporation
Product-solarisleapntpopensusemanager_proxyopenstack_cloudsuse_managerlinux_enterprise_desktoplinux_enterprise_servern/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-4912
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.78% / 72.83%
||
7 Day CHG~0.00%
Published-27 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a large number of crafted packets, which triggers a memory allocation failure.

Action-Not Available
Vendor-openslpn/a
Product-openslpn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-6866
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 63.72%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash.

Action-Not Available
Vendor-sucklessn/aFedora Project
Product-fedoraslockn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-5041
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.92% / 75.05%
||
7 Day CHG~0.00%
Published-10 Apr, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dwarf_macro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a debugging information entry using DWARF5 and without a DW_AT_name.

Action-Not Available
Vendor-libdwarf_projectn/a
Product-libdwarfn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-0240
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-6.2||MEDIUM
EPSS-0.30% / 52.75%
||
7 Day CHG~0.00%
Published-17 Jan, 2022 | 13:35
Updated-02 Aug, 2024 | 23:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in mruby/mruby

mruby is vulnerable to NULL Pointer Dereference

Action-Not Available
Vendor-mrubymruby
Product-mrubymruby/mruby
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-4959
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.5||HIGH
EPSS-1.25% / 78.49%
||
7 Day CHG~0.00%
Published-08 Nov, 2016 | 20:37
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.

Action-Not Available
Vendor-n/aNVIDIA Corporation
Product-geforce_gtx_965mquadro_m600mgeforce_gt_710quadro_k420geforce_945mquadro_m2000mquadro_m500mquadro_m6000quadro_m1000mgeforce_930mquadro_m5000mquadro_p5000geforce_gtx_950mnvs_315geforce_gt_730geforce_gtx_960mquadro_m4000mquadro_m4000quadro_m3000mgeforce_gtx_1060geforce_930mxgeforce_940mgeforce_gtx_1050nvs_510quadro_k620quadro_k1200quadro_m2000geforce_920mxquadro_p6000gpu_drivergeforce_920mgeforce_910mnvs_810quadro_m5500quadro_m5000titan_xgeforce_940mxgeforce_gtx_1070geforce_gtx_1080nvs_310Quadro, NVS, GeForce (all versions)
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2005-2459
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-5.31% / 89.65%
||
7 Day CHG~0.00%
Published-22 Aug, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-linux_kerneldebian_linuxn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-45773
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.04%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 19:11
Updated-04 Aug, 2024 | 04:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A NULL pointer dereference in CS104_IPAddress_setFromString at src/iec60870/cs104/cs104_slave.c of lib60870 commit 0d5e76e can lead to a segmentation fault or application crash.

Action-Not Available
Vendor-mz-automationn/a
Product-lib60870n/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-45761
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.20% / 42.60%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 18:58
Updated-04 Aug, 2024 | 04:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ROPium v3.1 was discovered to contain an invalid memory address dereference via the find() function.

Action-Not Available
Vendor-ropium_projectn/a
Product-ropiumn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-38786
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.79% / 72.93%
||
7 Day CHG~0.00%
Published-19 Jan, 2022 | 11:53
Updated-04 Aug, 2024 | 01:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a NULL pointer dereference in media/libcedarc/vdecoder of Allwinner R818 SoC Android Q SDK V1.0, which could cause a media crash (denial of service).

Action-Not Available
Vendor-allwinnertechn/a
Product-r818android_q_sdkn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-45769
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.04%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 19:10
Updated-04 Aug, 2024 | 04:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A NULL pointer dereference in AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850 v1.5.0 can lead to a segmentation fault or application crash.

Action-Not Available
Vendor-mz-automationn/a
Product-libiec61850n/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-10708
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.19% / 78.00%
||
7 Day CHG~0.00%
Published-21 Jan, 2018 | 22:00
Updated-06 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/LinuxNetApp, Inc.OpenBSD
Product-ubuntu_linuxclustered_data_ontapdebian_linuxcloud_backupdata_ontapservice_processoropensshdata_ontap_edgestoragegrid_webscalevasa_provideroncommand_unified_managerstoragegridn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-45266
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.04%
||
7 Day CHG~0.00%
Published-22 Dec, 2021 | 17:53
Updated-04 Aug, 2024 | 04:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A null pointer dereference vulnerability exists in gpac 1.1.0 via the lsr_read_anim_values_ex function, which causes a segmentation fault and application crash.

Action-Not Available
Vendor-n/aGPAC
Product-gpacn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-44492
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.35% / 56.68%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 17:27
Updated-04 Aug, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, attackers can cause a type to be incorrectly initialized in the function f_incr in sr_port/f_incr.c and cause a crash due to a NULL pointer dereference.

Action-Not Available
Vendor-fisglobalyottadbn/a
Product-gt.myottadbn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-44498
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.35% / 56.68%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 17:44
Updated-04 Aug, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, attackers can cause a type to be incorrectly initialized in the function f_incr in sr_port/f_incr.c and cause a crash due to a NULL pointer dereference.

Action-Not Available
Vendor-fisglobaln/a
Product-gt.mn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-10129
Matching Score-4
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-4
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-4.76% / 89.02%
||
7 Day CHG~0.00%
Published-24 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line.

Action-Not Available
Vendor-libgit2_projectn/a
Product-libgit2n/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-44508
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 63.63%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 17:56
Updated-04 Aug, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of NULL checks in calls to ious_open in sr_unix/ious_open.c allows attackers to crash the application by dereferencing a NULL pointer.

Action-Not Available
Vendor-fisglobaln/a
Product-gt.mn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-44506
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.35% / 56.68%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 17:55
Updated-04 Aug, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of input validation in calls to do_verify in sr_unix/do_verify.c allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer.

Action-Not Available
Vendor-yottadbn/a
Product-gt.mn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-44494
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.35% / 56.68%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 17:37
Updated-04 Aug, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause calls to ZRead to crash due to a NULL pointer dereference.

Action-Not Available
Vendor-fisglobalyottadbn/a
Product-gt.myottadbn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-44507
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.35% / 56.68%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 18:02
Updated-04 Aug, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of parameter validation in calls to memcpy in str_tok in sr_unix/ztimeoutroutines.c allows attackers to attempt to read from a NULL pointer.

Action-Not Available
Vendor-fisglobaln/a
Product-gt.mn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-10162
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.67% / 88.90%
||
7 Day CHG~0.00%
Published-24 Jan, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an inapplicable class name in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call.

Action-Not Available
Vendor-n/aThe PHP Group
Product-phpn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-10189
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.40% / 86.93%
||
7 Day CHG~0.00%
Published-14 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list.

Action-Not Available
Vendor-bitlbeen/a
Product-bitlbeebitlbee-libpurplen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-44487
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.32% / 54.26%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 17:22
Updated-04 Aug, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of NULL checks in calls to ious_open in sr_unix/ious_open.c allows attackers to crash the application by dereferencing a NULL pointer.

Action-Not Available
Vendor-fisglobalyottadbn/a
Product-gt.myottadbn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-42577
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.41% / 60.42%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 22:09
Updated-04 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Softing OPC UA C++ SDK before 5.70. A malformed OPC/UA message abort packet makes the client crash with a NULL pointer dereference.

Action-Not Available
Vendor-softingn/a
Product-datafeed_opc_suitesecure_integration_serveropc_ua_c\+\+_software_development_kitn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-10087
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.85% / 82.27%
||
7 Day CHG~0.00%
Published-30 Jan, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.

Action-Not Available
Vendor-libpngn/a
Product-libpngn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-10132
Matching Score-4
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-4
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-0.50% / 64.78%
||
7 Day CHG~0.00%
Published-24 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation.

Action-Not Available
Vendor-n/aArtifex Software Inc.Fedora Project
Product-mujsfedoran/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-10415
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.35% / 56.79%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, dereference of an invalid input parameter could cause a denial of service.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresd_412sd_617_firmwaresd_808_firmwaresd_400sdx20sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607sd_210sd_820_firmwaresd_650sd_820sd_808sd_450_firmwaresd_800sd_410sd_617sd_400_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_800_firmwaresd_625_firmwaresd_450sd_412_firmwaremdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_410_firmwaresd_835sd_205sd_600_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwaresd_600msm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212mdm9640Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-8917
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.59% / 89.94%
||
7 Day CHG~0.00%
Published-20 Sep, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.libarchive
Product-debian_linuxubuntu_linuxlibarchiven/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-4186
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.07% / 22.32%
||
7 Day CHG~0.00%
Published-30 Dec, 2021 | 00:00
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Wireshark FoundationFedora Project
Product-wiresharkfedoraWireshark
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-41689
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.82%
||
7 Day CHG~0.00%
Published-28 Jun, 2022 | 09:38
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the dcmqrdb program, it would query its database and copy the result even if the result is null, which can incur a head-based overflow. An attacker can use it to launch a DoS attack.

Action-Not Available
Vendor-offisn/adcmtk
Product-dcmtkn/adcmtk
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-8270
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-7.5||HIGH
EPSS-1.11% / 77.28%
||
7 Day CHG~0.00%
Published-13 Apr, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a denial of service (invalid pointer dereference and process crash).

Action-Not Available
Vendor-rtmpdump_projectn/a
Product-rtmpdumpn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-4188
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-6.8||MEDIUM
EPSS-0.29% / 51.69%
||
7 Day CHG~0.00%
Published-30 Dec, 2021 | 06:55
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in mruby/mruby

mruby is vulnerable to NULL Pointer Dereference

Action-Not Available
Vendor-mrubymruby
Product-mrubymruby/mruby
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-4110
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-9.1||CRITICAL
EPSS-0.46% / 62.95%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 04:40
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in mruby/mruby

mruby is vulnerable to NULL Pointer Dereference

Action-Not Available
Vendor-mrubymruby
Product-mrubymruby/mruby
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-44505
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.35% / 56.68%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 17:54
Updated-04 Aug, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a NULL pointer dereference after calls to ZPrint.

Action-Not Available
Vendor-yottadbn/a
Product-gt.mn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-7516
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.34% / 79.23%
||
7 Day CHG~0.00%
Published-24 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ONOS before 1.5.0 when using the ifwd app allows remote attackers to cause a denial of service (NULL pointer dereference and switch disconnect) by sending two Ethernet frames with ether_type Jumbo Frame (0x8870).

Action-Not Available
Vendor-onosprojectn/a
Product-onosn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-39977
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.16%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 21:07
Updated-22 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-39920
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-7.5||HIGH
EPSS-0.10% / 28.96%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 00:00
Updated-04 Aug, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Wireshark FoundationFedora Project
Product-wiresharkfedoraWireshark
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-38604
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.07% / 22.05%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 15:43
Updated-30 May, 2025 | 19:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.

Action-Not Available
Vendor-n/aOracle CorporationFedora ProjectGNU
Product-communications_cloud_native_core_security_edge_protection_proxyenterprise_operations_monitorfedoracommunications_cloud_native_core_binding_support_functioncommunications_cloud_native_core_network_function_cloud_native_environmentglibccommunications_cloud_native_core_network_repository_functioncommunications_cloud_native_core_unified_data_repositoryn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-5180
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.48% / 64.21%
||
7 Day CHG+0.07%
Published-27 Jun, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash).

Action-Not Available
Vendor-n/aCanonical Ltd.GNU
Product-ubuntu_linuxglibcn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-4444
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-5||MEDIUM
EPSS-0.90% / 74.75%
||
7 Day CHG~0.00%
Published-15 Jul, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2015-4443.

Action-Not Available
Vendor-n/aApple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_reader_dcacrobat_readermacosacrobat_dcwindowsacrobatn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-38177
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-7.5||HIGH
EPSS-3.08% / 86.23%
||
7 Day CHG~0.00%
Published-14 Sep, 2021 | 11:24
Updated-04 Aug, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP CommonCryptoLib version 8.5.38 or lower is vulnerable to null pointer dereference vulnerability when an unauthenticated attacker sends crafted malicious data in the HTTP requests over the network, this causes the SAP application to crash and has high impact on the availability of the SAP system.

Action-Not Available
Vendor-SAP SE
Product-commoncryptolibSAP CommonCryptoLib
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-29491
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-1.04% / 76.48%
||
7 Day CHG~0.00%
Published-05 May, 2022 | 16:49
Updated-16 Sep, 2024 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On F5 BIG-IP LTM, Advanced WAF, ASM, or APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a virtual server is configured with HTTP, TCP on one side (client/server), and DTLS on the other (server/client), undisclosed requests can cause the TMM process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_local_traffic_managerbig-ip_access_policy_managerbig-ip_advanced_web_application_firewallbig-ip_application_security_managerBIG-IP LTM, Advanced WAF, ASM, and APM
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-4443
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-5||MEDIUM
EPSS-0.90% / 74.75%
||
7 Day CHG~0.00%
Published-15 Jul, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2015-4444.

Action-Not Available
Vendor-n/aApple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_reader_dcacrobat_readermacosacrobat_dcwindowsacrobatn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-29795
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.20%
||
7 Day CHG~0.00%
Published-13 May, 2022 | 15:05
Updated-03 Aug, 2024 | 06:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-37083
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.16%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:04
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a NULL Pointer Dereference vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Denial of Service Attacks.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-4054
Matching Score-4
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-4
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-3.38% / 86.87%
||
7 Day CHG~0.00%
Published-23 May, 2017 | 03:56
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PgBouncer before 1.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by sending a password packet before a startup packet.

Action-Not Available
Vendor-pgbouncern/a
Product-pgbouncern/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-5590
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.5||HIGH
EPSS-0.14% / 35.45%
||
7 Day CHG~0.00%
Published-15 Oct, 2023 | 22:14
Updated-16 Sep, 2024 | 20:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in seleniumhq/selenium

NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0.

Action-Not Available
Vendor-seleniumseleniumhq
Product-seleniumseleniumhq/selenium
CWE ID-CWE-476
NULL Pointer Dereference
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 10
  • 11
  • Next
Details not found