Total
5280 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3623 | 1 Linux | 1 Linux Kernel | 2025-04-09 | N/A |
| The lookup_cb_cred function in fs/nfsd/nfs4callback.c in the nfsd4 subsystem in the Linux kernel before 2.6.31.2 attempts to access a credentials cache even when a client specifies the AUTH_NULL authentication flavor, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an NFSv4 mount request. | ||||
| CVE-2009-3620 | 6 Canonical, Fedoraproject, Linux and 3 more | 11 Ubuntu Linux, Fedora, Linux Kernel and 8 more | 2025-04-09 | 7.8 High |
| The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls. | ||||
| CVE-2009-3083 | 2 Pidgin, Redhat | 3 Libpurple, Pidgin, Enterprise Linux | 2025-04-09 | N/A |
| The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client. | ||||
| CVE-2009-3550 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2025-04-09 | N/A |
| The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-5006 | 1 University Of Washington | 1 Imap Toolkit | 2025-04-09 | N/A |
| smtp.c in the c-client library in University of Washington IMAP Toolkit 2007b allows remote SMTP servers to cause a denial of service (NULL pointer dereference and application crash) by responding to the QUIT command with a close of the TCP connection instead of the expected 221 response code. | ||||
| CVE-2023-32008 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-04-08 | 7.8 High |
| Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | ||||
| CVE-2022-4842 | 1 Linux | 1 Linux Kernel | 2025-04-08 | 5.5 Medium |
| A flaw NULL Pointer Dereference in the Linux kernel NTFS3 driver function attr_punch_hole() was found. A local user could use this flaw to crash the system. | ||||
| CVE-2023-24938 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 8 more | 2025-04-08 | 6.5 Medium |
| Windows CryptoAPI Denial of Service Vulnerability | ||||
| CVE-2024-11706 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-04-07 | 6.5 Medium |
| A null pointer dereference may have inadvertently occurred in `pk12util`, and specifically in the `SEC_ASN1DecodeItem_Util` function, when handling malformed or improperly formatted input files. This vulnerability affects Firefox < 133 and Thunderbird < 133. | ||||
| CVE-2022-41858 | 3 Linux, Netapp, Redhat | 8 Linux Kernel, Hci Baseboard Management Controller, Enterprise Linux and 5 more | 2025-04-07 | 7.1 High |
| A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. | ||||
| CVE-2025-31115 | 1 Redhat | 1 Enterprise Linux | 2025-04-07 | 7.5 High |
| XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on the null pointer plus an offset. Applications and libraries that use the lzma_stream_decoder_mt function are affected. The bug has been fixed in XZ Utils 5.8.1, and the fix has been committed to the v5.4, v5.6, v5.8, and master branches in the xz Git repository. No new release packages will be made from the old stable branches, but a standalone patch is available that applies to all affected releases. | ||||
| CVE-2023-0122 | 1 Linux | 1 Linux Kernel | 2025-04-04 | 7.5 High |
| A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4. | ||||
| CVE-2022-47929 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2025-04-04 | 5.5 Medium |
| In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c. | ||||
| CVE-2022-47024 | 2 Redhat, Vim | 2 Enterprise Linux, Vim | 2025-04-03 | 7.8 High |
| A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts. | ||||
| CVE-2022-47021 | 2 Fedoraproject, Xiph | 2 Fedora, Opusfile | 2025-04-03 | 7.8 High |
| A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts. | ||||
| CVE-2022-47015 | 2 Mariadb, Redhat | 3 Mariadb, Enterprise Linux, Rhel Software Collections | 2025-04-03 | 6.5 Medium |
| MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer. | ||||
| CVE-2006-2661 | 4 Canonical, Debian, Freetype and 1 more | 4 Ubuntu Linux, Debian Linux, Freetype and 1 more | 2025-04-03 | N/A |
| ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference. | ||||
| CVE-1999-0052 | 3 Bsdi, Freebsd, Openbsd | 3 Bsd Os, Freebsd, Openbsd | 2025-04-03 | 7.5 High |
| IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash. | ||||
| CVE-2004-0458 | 2 Debian, Nicolas Boullis | 2 Debian Linux, Mah-jong | 2025-04-03 | 7.5 High |
| mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference. | ||||
| CVE-2005-2974 | 2 Libungif, Redhat | 2 Libungif, Enterprise Linux | 2025-04-03 | N/A |
| libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference. | ||||