Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-12920

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-28 Aug, 2017 | 19:00
Updated At-05 Aug, 2024 | 18:51
Rejected At-
Credits

CDirectory::GetDirEntry in dir.cxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
ā–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:28 Aug, 2017 | 19:00
Updated At:05 Aug, 2024 | 18:51
Rejected At:
ā–¼CVE Numbering Authority (CNA)

CDirectory::GetDirEntry in dir.cxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://blogs.gentoo.org/ago/2017/08/09/libfpx-null-pointer-dereference-in-cdirectorygetdirentry-dir-cxx/
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2017/08/17/12
mailing-list
x_refsource_MLIST
Hyperlink: https://blogs.gentoo.org/ago/2017/08/09/libfpx-null-pointer-dereference-in-cdirectorygetdirentry-dir-cxx/
Resource:
x_refsource_MISC
Hyperlink: http://www.openwall.com/lists/oss-security/2017/08/17/12
Resource:
mailing-list
x_refsource_MLIST
ā–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://blogs.gentoo.org/ago/2017/08/09/libfpx-null-pointer-dereference-in-cdirectorygetdirentry-dir-cxx/
x_refsource_MISC
x_transferred
http://www.openwall.com/lists/oss-security/2017/08/17/12
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://blogs.gentoo.org/ago/2017/08/09/libfpx-null-pointer-dereference-in-cdirectorygetdirentry-dir-cxx/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2017/08/17/12
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Information is not available yet
ā–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:28 Aug, 2017 | 19:29
Updated At:20 Apr, 2025 | 01:37

CDirectory::GetDirEntry in dir.cxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.06.5MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.0
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CPE Matches
libfpx_project
libfpx_project
>>libfpx>>1.3.1
cpe:2.3:a:libfpx_project:libfpx:1.3.1:p6:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-476Primarynvd@nist.gov
CWE ID: CWE-476
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.openwall.com/lists/oss-security/2017/08/17/12cve@mitre.org
Mailing List
Third Party Advisory
https://blogs.gentoo.org/ago/2017/08/09/libfpx-null-pointer-dereference-in-cdirectorygetdirentry-dir-cxx/cve@mitre.org
Third Party Advisory
VDB Entry
http://www.openwall.com/lists/oss-security/2017/08/17/12af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
https://blogs.gentoo.org/ago/2017/08/09/libfpx-null-pointer-dereference-in-cdirectorygetdirentry-dir-cxx/af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
Hyperlink: http://www.openwall.com/lists/oss-security/2017/08/17/12
Source: cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://blogs.gentoo.org/ago/2017/08/09/libfpx-null-pointer-dereference-in-cdirectorygetdirentry-dir-cxx/
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.openwall.com/lists/oss-security/2017/08/17/12
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://blogs.gentoo.org/ago/2017/08/09/libfpx-null-pointer-dereference-in-cdirectorygetdirentry-dir-cxx/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry

Change History

0
Information is not available yet

Similar CVEs

646Records found
CVE-2017-12474
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.26% / 48.67%
||
7 Day CHG~0.00%
Published-06 Sep, 2017 | 08:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The AP4_AtomSampleTable::GetSample function in Core/Ap4AtomSampleTable.cpp in Bento4 mp42ts before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.

Action-Not Available
Vendor-bento4n/a
Product-bento4n/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-12476
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.26% / 48.67%
||
7 Day CHG~0.00%
Published-06 Sep, 2017 | 08:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The AP4_AvccAtom::InspectFields function in Core/Ap4AvccAtom.cpp in Bento4 mp4dump before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.

Action-Not Available
Vendor-bento4n/a
Product-bento4n/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-34122
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.29% / 51.72%
||
7 Day CHG~0.00%
Published-10 Mar, 2022 | 14:50
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference.

Action-Not Available
Vendor-rockcarryn/a
Product-ffjpegn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-9888
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.48% / 64.66%
||
7 Day CHG~0.00%
Published-08 Dec, 2016 | 08:08
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An error within the "tar_directory_for_file()" function (gsf-infile-tar.c) in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file.

Action-Not Available
Vendor-n/aThe GNOME Project
Product-libgsfn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-9828
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.22% / 44.58%
||
7 Day CHG~0.00%
Published-16 Feb, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dumpBuffer function in read.c in the listswf tool in libming 0.4.7 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SWF file.

Action-Not Available
Vendor-libmingn/a
Product-libmingn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-9434
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.71% / 71.84%
||
7 Day CHG~0.00%
Published-12 Dec, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

Action-Not Available
Vendor-tatsn/a
Product-w3mn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-9559
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.03% / 76.99%
||
7 Day CHG~0.00%
Published-01 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.

Action-Not Available
Vendor-n/aDebian GNU/LinuxImageMagick Studio LLC
Product-debian_linuximagemagickn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-9117
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.58% / 68.43%
||
7 Day CHG~0.00%
Published-30 Oct, 2016 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

Action-Not Available
Vendor-uclouvainn/a
Product-openjpegn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-9623
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.19% / 78.48%
||
7 Day CHG~0.00%
Published-12 Dec, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

Action-Not Available
Vendor-tatsn/a
Product-w3mn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-9438
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.71% / 71.84%
||
7 Day CHG~0.00%
Published-12 Dec, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

Action-Not Available
Vendor-tatsn/a
Product-w3mn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-9629
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.74% / 72.65%
||
7 Day CHG~0.00%
Published-12 Dec, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

Action-Not Available
Vendor-tatsn/a
Product-w3mn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-9116
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.58% / 68.43%
||
7 Day CHG~0.00%
Published-30 Oct, 2016 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

Action-Not Available
Vendor-uclouvainn/a
Product-openjpegn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-9018
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-1.39% / 80.04%
||
7 Day CHG~0.00%
Published-28 Oct, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper handling of a repeating VRAT chunk in qcpfformat.dll allows attackers to cause a Null pointer dereference and crash in RealNetworks RealPlayer 18.1.5.705 through a crafted .QCP media file.

Action-Not Available
Vendor-n/aRealNetworks LLC
Product-realplayern/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-9440
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.21% / 78.67%
||
7 Day CHG~0.00%
Published-12 Dec, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

Action-Not Available
Vendor-tatsn/a
Product-w3mn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-9600
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.29% / 52.45%
||
7 Day CHG~0.00%
Published-12 Mar, 2018 | 15:00
Updated-16 Sep, 2024 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash.

Action-Not Available
Vendor-Canonical Ltd.JasPerRed Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktopjasperjasper
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-9813
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-4.81% / 89.28%
||
7 Day CHG~0.00%
Published-13 Jan, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.

Action-Not Available
Vendor-gstreamern/a
Product-gstreamern/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-8885
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.35% / 57.13%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image.

Action-Not Available
Vendor-n/aJasPer
Product-jaspern/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-7627
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.50% / 65.39%
||
7 Day CHG~0.00%
Published-20 Feb, 2017 | 08:35
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "CoreGraphics" component. It allows attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted font.

Action-Not Available
Vendor-n/aApple Inc.
Product-iphone_oswatchosmac_os_xn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-8569
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.73% / 72.41%
||
7 Day CHG~0.00%
Published-03 Feb, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.

Action-Not Available
Vendor-libgit2_projectn/aopenSUSESUSEFedora Project
Product-libgit2linux_enterprisefedoraleapopensusen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-8696
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.33% / 55.47%
||
7 Day CHG~0.00%
Published-31 Jan, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8695.

Action-Not Available
Vendor-potrace_projectn/a
Product-potracen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-8675
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.24% / 47.03%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The get_vlc2 function in get_bits.h in Libav before 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file, possibly related to startcode sequences during m4v detection.

Action-Not Available
Vendor-libavn/a
Product-libavn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-7424
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.24% / 46.77%
||
7 Day CHG~0.00%
Published-07 Oct, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file.

Action-Not Available
Vendor-libavn/aDebian GNU/Linux
Product-debian_linuxlibavn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-8690
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.42% / 61.53%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command.

Action-Not Available
Vendor-n/aFedora ProjectJasPer
Product-fedorajaspern/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-7605
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.16% / 36.38%
||
7 Day CHG~0.00%
Published-20 Feb, 2017 | 08:35
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-8882
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.24% / 46.26%
||
7 Day CHG~0.00%
Published-13 Jan, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.

Action-Not Available
Vendor-n/aJasPer
Product-jaspern/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-7477
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.24% / 46.47%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ff_put_pixels8_xy2_mmx function in rnd_template.c in Libav 11.7 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted mp3 file. NOTE: this issue was originally reported as involving a NULL pointer dereference.

Action-Not Available
Vendor-libavn/a
Product-libavn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-8887
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.22% / 44.31%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference).

Action-Not Available
Vendor-n/aFedora ProjectJasPer
Product-fedorajaspern/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-8676
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.26% / 48.86%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The get_vlc2 function in get_bits.h in Libav 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file. NOTE: this issue exists due to an incomplete fix for CVE-2016-8675.

Action-Not Available
Vendor-libavn/a
Product-libavn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-8694
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.28% / 51.14%
||
7 Day CHG~0.00%
Published-31 Jan, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8695 and CVE-2016-8696.

Action-Not Available
Vendor-potrace_projectn/a
Product-potracen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-5037
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.65% / 70.25%
||
7 Day CHG~0.00%
Published-17 Feb, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The _dwarf_load_section function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.

Action-Not Available
Vendor-libdwarf_projectn/a
Product-libdwarfn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-8884
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.41% / 60.64%
||
7 Day CHG~0.00%
Published-28 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690.

Action-Not Available
Vendor-n/aFedora ProjectJasPer
Product-fedorajaspern/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-7084
Matching Score-4
Assigner-Autodesk
ShareView Details
Matching Score-4
Assigner-Autodesk
CVSS Score-5.5||MEDIUM
EPSS-0.29% / 51.47%
||
7 Day CHG~0.00%
Published-17 Apr, 2020 | 17:53
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A NULL pointer dereference vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application.

Action-Not Available
Vendor-n/aAutodesk Inc.
Product-fbx_software_development_kitAutodesk FBX-SDK
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-7905
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.54% / 67.08%
||
7 Day CHG~0.00%
Published-23 Dec, 2016 | 05:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The read_gab2_sub function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (NULL pointer used) via a crafted AVI file.

Action-Not Available
Vendor-n/aFFmpeg
Product-ffmpegn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-8695
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.28% / 51.14%
||
7 Day CHG~0.00%
Published-31 Jan, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8696.

Action-Not Available
Vendor-potrace_projectn/a
Product-potracen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-23841
Matching Score-4
Assigner-OpenSSL Software Foundation
ShareView Details
Matching Score-4
Assigner-OpenSSL Software Foundation
CVSS Score-5.9||MEDIUM
EPSS-0.52% / 66.26%
||
7 Day CHG-0.09%
Published-16 Feb, 2021 | 16:55
Updated-16 Sep, 2024 | 22:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Null pointer deref in X509_issuer_and_serial_hash()

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).

Action-Not Available
Vendor-Debian GNU/LinuxSiemens AGApple Inc.OpenSSLNetApp, Inc.Oracle CorporationTenable, Inc.
Product-jd_edwards_world_securityiphone_ospeoplesoft_enterprise_peopletoolssinec_insenterprise_manager_for_storage_managementopensslbusiness_intelligencemacostenable.sconcommand_workflow_automationcommunications_cloud_native_core_policysnapcenterdebian_linuxessbasegraalvmipadossafarimysql_enterprise_monitorzfs_storage_appliance_kitnessus_network_monitormysql_serverenterprise_manager_ops_centeroncommand_insightOpenSSL
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-6504
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-2.01% / 83.41%
||
7 Day CHG~0.00%
Published-06 Aug, 2016 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wireshark 1.12.x before 1.12.13 does not properly maintain a ptvc data structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-6292
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-6.20% / 90.66%
||
7 Day CHG~0.00%
Published-25 Jul, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The exif_process_user_comment function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image.

Action-Not Available
Vendor-n/aThe PHP Group
Product-phpn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-5029
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.65% / 70.25%
||
7 Day CHG~0.00%
Published-17 Feb, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The create_fullest_file_path function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted dwarf file.

Action-Not Available
Vendor-libdwarf_projectn/a
Product-libdwarfn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-5027
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.43% / 62.34%
||
7 Day CHG~0.00%
Published-24 Feb, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dwarf_form.c in libdwarf 20160115 allows remote attackers to cause a denial of service (crash) via a crafted elf file.

Action-Not Available
Vendor-libdwarf_projectn/a
Product-libdwarfn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-5354
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.36% / 57.84%
||
7 Day CHG~0.00%
Published-07 Aug, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-5028
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.65% / 70.25%
||
7 Day CHG~0.00%
Published-17 Feb, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The print_frame_inst_bytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via an object file with empty bss-like sections.

Action-Not Available
Vendor-libdwarf_projectn/a
Product-libdwarfn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-5030
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.65% / 70.25%
||
7 Day CHG~0.00%
Published-17 Feb, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The _dwarf_calculate_info_section_end_ptr function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.

Action-Not Available
Vendor-libdwarf_projectn/a
Product-libdwarfn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-4605
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.52% / 66.40%
||
7 Day CHG~0.00%
Published-22 Jul, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Calendar in Apple iOS before 9.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted invitation.

Action-Not Available
Vendor-n/aApple Inc.
Product-iphone_osn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-2365
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-5.9||MEDIUM
EPSS-3.25% / 86.85%
||
7 Day CHG~0.00%
Published-06 Jan, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in a null pointer dereference. A malicious server or an attacker who intercepts the network traffic can send invalid data to trigger this vulnerability and cause a crash.

Action-Not Available
Vendor-Debian GNU/LinuxCanonical Ltd.Pidgin
Product-pidgindebian_linuxubuntu_linuxPidgin
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-2318
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.24% / 46.22%
||
7 Day CHG~0.00%
Published-03 Feb, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGraphicsMagickSUSEopenSUSE
Product-graphicsmagickleapstudio_onsitedebian_linuxlinux_enterprise_debuginfolinux_enterprise_software_development_kitopensusen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-2369
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-5.9||MEDIUM
EPSS-3.25% / 86.85%
||
7 Day CHG~0.00%
Published-06 Jan, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A NULL pointer dereference vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in a denial of service vulnerability. A malicious server can send a packet starting with a NULL byte triggering the vulnerability.

Action-Not Available
Vendor-Debian GNU/LinuxCanonical Ltd.Pidgin
Product-pidgindebian_linuxubuntu_linuxPidgin
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-1814
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.24% / 47.34%
||
7 Day CHG~0.00%
Published-20 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.

Action-Not Available
Vendor-n/aApple Inc.
Product-iphone_osmac_os_xtvosn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-1811
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.03% / 76.98%
||
7 Day CHG~0.00%
Published-20 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageIO in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.

Action-Not Available
Vendor-n/aApple Inc.
Product-watchosiphone_osmac_os_xtvosn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-30218
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.27% / 49.80%
||
7 Day CHG~0.00%
Published-29 Apr, 2021 | 14:29
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

samurai 1.2 has a NULL pointer dereference in writefile() in util.c via a crafted build file.

Action-Not Available
Vendor-samurai_projectn/a
Product-samurain/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-30219
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.27% / 49.80%
||
7 Day CHG~0.00%
Published-29 Apr, 2021 | 14:29
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

samurai 1.2 has a NULL pointer dereference in printstatus() function in build.c via a crafted build file.

Action-Not Available
Vendor-samurai_projectn/a
Product-samurain/a
CWE ID-CWE-476
NULL Pointer Dereference
  • Previous
  • 1
  • 2
  • ...
  • 10
  • 11
  • 12
  • 13
  • Next
Details not found