Total
4253 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-40476 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| A null pointer dereference issue was discovered in fs/io_uring.c in the Linux kernel before 5.15.62. A local user could use this flaw to crash the system or potentially cause a denial of service. | ||||
| CVE-2022-3358 | 2 Openssl, Redhat | 2 Openssl, Enterprise Linux | 2024-11-21 | 7.5 High |
| OpenSSL supports creating a custom cipher via the legacy EVP_CIPHER_meth_new() function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers. OpenSSL versions 3.0.0 to 3.0.5 incorrectly handle legacy custom ciphers passed to the EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() and EVP_CipherInit_ex2() functions (as well as other similarly named encryption and decryption initialisation functions). Instead of using the custom cipher directly it incorrectly tries to fetch an equivalent cipher from the available providers. An equivalent cipher is found based on the NID passed to EVP_CIPHER_meth_new(). This NID is supposed to represent the unique NID for a given cipher. However it is possible for an application to incorrectly pass NID_undef as this value in the call to EVP_CIPHER_meth_new(). When NID_undef is used in this way the OpenSSL encryption/decryption initialisation function will match the NULL cipher as being equivalent and will fetch this from the available providers. This will succeed if the default provider has been loaded (or if a third party provider has been loaded that offers this cipher). Using the NULL cipher means that the plaintext is emitted as the ciphertext. Applications are only affected by this issue if they call EVP_CIPHER_meth_new() using NID_undef and subsequently use it in a call to an encryption/decryption initialisation function. Applications that only use SSL/TLS are not impacted by this issue. Fixed in OpenSSL 3.0.6 (Affected 3.0.0-3.0.5). | ||||
| CVE-2022-3202 | 2 Linux, Netapp | 11 Linux Kernel, H300s, H300s Firmware and 8 more | 2024-11-21 | 7.1 High |
| A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information. | ||||
| CVE-2022-3153 | 1 Vim | 1 Vim | 2024-11-21 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. | ||||
| CVE-2022-3078 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the Linux kernel through 5.16-rc6. There is a lack of check after calling vzalloc() and lack of free after allocation in drivers/media/test-drivers/vidtv/vidtv_s302m.c. | ||||
| CVE-2022-39829 | 1 Samsung | 1 Mtower | 2024-11-21 | 7.5 High |
| There is a NULL pointer dereference in aes256_encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVP_CIPHER_CTX_new. | ||||
| CVE-2022-39028 | 4 Debian, Gnu, Mit and 1 more | 4 Debian Linux, Inetutils, Kerberos 5 and 1 more | 2024-11-21 | 7.5 High |
| telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd application has many crashes within a short time interval, the telnet service would become unavailable after inetd logs a "telnet/tcp server failing (looping), service terminated" error. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8. | ||||
| CVE-2022-38497 | 1 Lief-project | 1 Lief | 2024-11-21 | 5.5 Medium |
| LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69. | ||||
| CVE-2022-38307 | 1 Lief-project | 1 Lief | 2024-11-21 | 5.5 Medium |
| LIEF commit 5d1d643 was discovered to contain a segmentation violation via the function LIEF::MachO::SegmentCommand::file_offset() at /MachO/SegmentCommand.cpp. | ||||
| CVE-2022-38096 | 2 Linux, Redhat | 8 Linux Kernel, Enterprise Linux, Logging and 5 more | 2024-11-21 | 6.3 Medium |
| A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). | ||||
| CVE-2022-37797 | 2 Debian, Lighttpd | 2 Debian Linux, Lighttpd | 2024-11-21 | 7.5 High |
| In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition. | ||||
| CVE-2022-36648 | 1 Qemu | 1 Qemu | 2024-11-21 | 10.0 Critical |
| The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This has been disputed by multiple third parties as not a valid vulnerability due to the rocker device not falling within the virtualization use case. | ||||
| CVE-2022-36622 | 1 Samsung | 1 Mtower | 2024-11-21 | 7.5 High |
| Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_GetObjectInfo1. | ||||
| CVE-2022-36621 | 1 Samsung | 1 Mtower | 2024-11-21 | 7.5 High |
| Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_AllocateTransientObject. | ||||
| CVE-2022-36227 | 5 Debian, Fedoraproject, Libarchive and 2 more | 6 Debian Linux, Fedora, Libarchive and 3 more | 2024-11-21 | 9.8 Critical |
| In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execution impact: "In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution." | ||||
| CVE-2022-36186 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.5 High |
| A Null Pointer dereference vulnerability exists in GPAC 2.1-DEV-revUNKNOWN-master via the function gf_filter_pid_set_property_full () at filter_core/filter_pid.c:5250,which causes a Denial of Service (DoS). This vulnerability was fixed in commit b43f9d1. | ||||
| CVE-2022-36153 | 1 Monostream | 1 Tifig | 2024-11-21 | 5.5 Medium |
| tifig v0.2.2 was discovered to contain a segmentation violation via std::vector<unsigned int, std::allocator<unsigned int> >::size() const at /bits/stl_vector.h. | ||||
| CVE-2022-36151 | 1 Monostream | 1 Tifig | 2024-11-21 | 5.5 Medium |
| tifig v0.2.2 was discovered to contain a segmentation violation via getType() at /common/bbox.cpp. | ||||
| CVE-2022-35484 | 1 Otfcc Project | 1 Otfcc | 2024-11-21 | 6.5 Medium |
| OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6b6a8f. | ||||
| CVE-2022-35245 | 1 F5 | 1 Big-ip Access Policy Manager | 2024-11-21 | 7.5 High |
| In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5.1, when a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||