Total
4143 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-41597 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | 3.4 Low |
| The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | ||||
| CVE-2022-41595 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | 3.4 Low |
| The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | ||||
| CVE-2022-41598 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | 3.4 Low |
| The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | ||||
| CVE-2022-41602 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | 3.4 Low |
| The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | ||||
| CVE-2022-41601 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | 3.4 Low |
| The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | ||||
| CVE-2022-41600 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | 3.4 Low |
| The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | ||||
| CVE-2025-30320 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-05-14 | 5.5 Medium |
| InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-30319 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-05-14 | 5.5 Medium |
| InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-41603 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | 3.4 Low |
| The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | ||||
| CVE-2025-32912 | 1 Redhat | 1 Enterprise Linux | 2025-05-14 | 6.5 Medium |
| A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash. | ||||
| CVE-2025-32398 | 1 Rt-labs | 1 P-net | 2025-05-13 | 7.5 High |
| A NULL Pointer Dereference in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. | ||||
| CVE-2025-40576 | 2025-05-13 | 4.3 Medium | ||
| A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process. | ||||
| CVE-2024-49121 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-13 | 7.5 High |
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | ||||
| CVE-2025-32913 | 1 Redhat | 5 Enterprise Linux, Rhel Aus, Rhel E4s and 2 more | 2025-05-13 | 7.5 High |
| A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function. | ||||
| CVE-2025-2487 | 1 Redhat | 4 Directory Server, Directory Server Eus, Enterprise Linux and 1 more | 2025-05-13 | 4.9 Medium |
| A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it could lead to a Denial of Service (DoS) or system crash. | ||||
| CVE-2025-45835 | 2025-05-12 | 7.5 High | ||
| A null pointer dereference vulnerability was discovered in Netis WF2880 v2.1.40207. The vulnerability exists in the FUN_004904c8 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the environment variable value CONTENT_LENGTH, causing the program to crash and potentially leading to a denial-of-service (DoS) attack. | ||||
| CVE-2021-47340 | 1 Linux | 1 Linux Kernel | 2025-05-12 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: jfs: fix GPF in diFree Avoid passing inode with JFS_SBI(inode->i_sb)->ipimap == NULL to diFree()[1]. GFP will appear: struct inode *ipimap = JFS_SBI(ip->i_sb)->ipimap; struct inomap *imap = JFS_IP(ipimap)->i_imap; JFS_IP() will return invalid pointer when ipimap == NULL Call Trace: diFree+0x13d/0x2dc0 fs/jfs/jfs_imap.c:853 [1] jfs_evict_inode+0x2c9/0x370 fs/jfs/inode.c:154 evict+0x2ed/0x750 fs/inode.c:578 iput_final fs/inode.c:1654 [inline] iput.part.0+0x3fe/0x820 fs/inode.c:1680 iput+0x58/0x70 fs/inode.c:1670 | ||||
| CVE-2024-24989 | 1 F5 | 2 Nginx Open Source, Nginx Plus | 2025-05-12 | 7.5 High |
| When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3 https://nginx.org/en/docs/quic.html . NOTE: Software versions which have reached End of Technical Support (EoTS) are not evaluated | ||||
| CVE-2024-55069 | 2025-05-12 | 5.3 Medium | ||
| ffmpeg 7.1 is vulnerable to Null Pointer Dereference in function iamf_read_header in /libavformat/iamfdec.c. | ||||
| CVE-2025-21833 | 1 Linux | 1 Linux Kernel | 2025-05-10 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE There is a WARN_ON_ONCE to catch an unlikely situation when domain_remove_dev_pasid can't find the `pasid`. In case it nevertheless happens we must avoid using a NULL pointer. | ||||