Total
4232 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-35492 | 1 Cesanta | 1 Mongoose | 2025-02-13 | 7.5 High |
| Cesanta Mongoose commit b316989 was discovered to contain a NULL pointer dereference via the scpy function at src/fmt.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MQTT packet. | ||||
| CVE-2024-24194 | 1 Robdns | 1 Robdns | 2025-02-13 | 7.5 High |
| robdns commit d76d2e6 was discovered to contain a NULL pointer dereference via the item->tokens component at /src/conf-parse.c. | ||||
| CVE-2025-0492 | 2025-02-12 | 7.5 High | ||
| A vulnerability has been found in D-Link DIR-823X 240126/240802 and classified as critical. Affected by this vulnerability is the function FUN_00412244. The manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-0696 | 2025-02-12 | 5.3 Medium | ||
| A NULL Pointer Dereference vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input. | ||||
| CVE-2025-24483 | 2025-02-12 | N/A | ||
| NULL pointer dereference vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker provides specially crafted data to the specific process of the Windows system where the product is running, the system may cause a Blue Screen of Death (BSOD), and as a result, cause a denial-of-service (DoS) condition. | ||||
| CVE-2023-51394 | 1 Silabs | 1 Emberznet | 2025-02-12 | 5.3 Medium |
| High traffic environments may result in NULL Pointer Dereference vulnerability in Silicon Labs's Ember ZNet SDK before v7.4.0, causing a system crash. | ||||
| CVE-2022-24810 | 4 Debian, Fedoraproject, Net-snmp and 1 more | 5 Debian Linux, Fedora, Net-snmp and 2 more | 2025-02-11 | 6.5 Medium |
| net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. | ||||
| CVE-2024-50665 | 1 Gpac | 1 Gpac | 2025-02-11 | 5.5 Medium |
| gpac 2.4 contains a SEGV at src/isomedia/drm_sample.c:1562:96 in isom_cenc_get_sai_by_saiz_saio in MP4Box. | ||||
| CVE-2022-47465 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-11 | 5.5 Medium |
| In vdsp service, there is a missing permission check. This could lead to local denial of service in vdsp service. | ||||
| CVE-2023-0197 | 4 Citrix, Nvidia, Redhat and 1 more | 4 Hypervisor, Virtual Gpu, Enterprise Linux Kernel-based Virtual Machine and 1 more | 2025-02-11 | 5.5 Medium |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious user in a guest VM can cause a NULL-pointer dereference, which may lead to denial of service. | ||||
| CVE-2023-26917 | 1 Cesnet | 1 Libyang | 2025-02-11 | 7.5 High |
| libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c. | ||||
| CVE-2022-47468 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-10 | 5.5 Medium |
| In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | ||||
| CVE-2022-47467 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-10 | 5.5 Medium |
| In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | ||||
| CVE-2022-47466 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-10 | 5.5 Medium |
| In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | ||||
| CVE-2025-24031 | 2025-02-10 | 3.3 Low | ||
| PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. In versions 0.6.12 and prior, the pam_pkcs11 module segfaults when a user presses ctrl-c/ctrl-d when they are asked for a PIN. When a user enters no PIN at all, `pam_get_pwd` will never initialize the password buffer pointer and as such `cleanse` will try to dereference an uninitialized pointer. On my system this pointer happens to have the value 3 most of the time when running sudo and as such it will segfault. The most likely impact to a system affected by this issue is an availability impact due to a daemon that uses PAM crashing. As of time of publication, a patch for the issue is unavailable. | ||||
| CVE-2023-1994 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2025-02-07 | 6.3 Medium |
| GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2024-31420 | 1 Redhat | 1 Container Native Virtualization | 2025-02-07 | 6.5 Medium |
| A NULL pointer dereference flaw was found in KubeVirt. This flaw allows an attacker who has access to a virtual machine guest on a node with DownwardMetrics enabled to cause a denial of service by issuing a high number of calls to vm-dump-metrics --virtio and then deleting the virtual machine. | ||||
| CVE-2023-3106 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2025-02-07 | 6.6 Medium |
| A NULL pointer dereference vulnerability was found in netlink_dump. This issue can occur when the Netlink socket receives the message(sendmsg) for the XFRM_MSG_GETSA, XFRM_MSG_GETPOLICY type message, and the DUMP flag is set and can cause a denial of service or possibly another unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is unlikely. | ||||
| CVE-2023-29569 | 1 Cesanta | 1 Mjs | 2025-02-06 | 5.5 Medium |
| Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via ffi_cb_impl_wpwwwww at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS). | ||||
| CVE-2024-30403 | 1 Juniper | 1 Junos Os Evolved | 2025-02-06 | 6.5 Medium |
| A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When Layer 2 traffic is sent through a logical interface, MAC learning happens. If during this process, the interface flaps, an Advanced Forwarding Toolkit manager (evo-aftmand-bt) core is observed. This leads to a PFE restart. The crash reoccurs if the same sequence of events happens, which will lead to a sustained DoS condition. This issue affects Juniper Networks Junos OS Evolved 23.2-EVO versions earlier than 23.2R1-S1-EVO, 23.2R2-EVO. | ||||