CWE-476
NULL Pointer Dereference
Description
The product dereferences a pointer that it expects to be valid but is NULL.
Hierarchy (View 1000)
CVEs mapped to this weakness (1,587)
page 31 of 80| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-18250 | Med | 0.42 | 6.5 | 0.01 | Mar 27, 2018 | An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-18247 | Med | 0.42 | 6.5 | 0.01 | Mar 23, 2018 | The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file. | ||
| CVE-2017-18231 | Med | 0.42 | 6.5 | 0.02 | Mar 14, 2018 | An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadEnhMetaFile in coders/emf.c, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-18230 | Med | 0.42 | 6.5 | 0.02 | Mar 14, 2018 | An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2016-9600 | Med | 0.42 | 6.5 | 0.02 | Mar 12, 2018 | JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. | ||
| CVE-2018-7872 | Med | 0.42 | 6.5 | 0.02 | Mar 8, 2018 | An invalid memory address dereference was discovered in the function getName in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||
| CVE-2018-7870 | Med | 0.42 | 6.5 | 0.02 | Mar 8, 2018 | An invalid memory address dereference was discovered in getString in util/decompile.c in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||
| CVE-2018-7866 | Med | 0.42 | 6.5 | 0.02 | Mar 8, 2018 | A NULL pointer dereference was discovered in newVar3 in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||
| CVE-2018-5449 | Med | 0.42 | 6.5 | 0.00 | Mar 5, 2018 | A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application does not check for a NULL value, allowing for an attacker to perform a denial of service attack. | ||
| CVE-2018-7542 | Med | 0.42 | 6.5 | 0.00 | Feb 27, 2018 | An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC. | ||
| CVE-2018-7456 | Med | 0.42 | 6.5 | 0.03 | Feb 24, 2018 | A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the… | ||
| CVE-2018-2384 | Med | 0.42 | 6.5 | 0.01 | Feb 14, 2018 | Under certain conditions a malicious user provoking a Null Pointer dereference can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services. | ||
| CVE-2018-6942 | Med | 0.42 | 6.5 | 0.02 | Feb 13, 2018 | An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file. | ||
| CVE-2017-13235 | Med | 0.42 | 6.5 | 0.00 | Feb 12, 2018 | A other vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68342866. | ||
| CVE-2018-5710 | Med | 0.42 | 6.5 | 0.02 | Jan 16, 2018 | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to… | ||
| CVE-2017-1000460 | Med | 0.42 | 6.5 | 0.00 | Jan 3, 2018 | In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception. | ||
| CVE-2017-1000445 | Med | 0.42 | 6.5 | 0.02 | Jan 2, 2018 | ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service | ||
| CVE-2017-18013 | Med | 0.42 | 6.5 | 0.03 | Jan 1, 2018 | In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. | ||
| CVE-2017-17555 | Med | 0.42 | 6.5 | 0.01 | Dec 12, 2017 | The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file. | ||
| CVE-2017-17505 | Med | 0.42 | 6.5 | 0.01 | Dec 11, 2017 | In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file. |
- risk 0.42cvss 6.5epss 0.01
An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.01
The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadEnhMetaFile in coders/emf.c, which allows attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c, which allows attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.02
JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash.
- risk 0.42cvss 6.5epss 0.02
An invalid memory address dereference was discovered in the function getName in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
- risk 0.42cvss 6.5epss 0.02
An invalid memory address dereference was discovered in getString in util/decompile.c in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
- risk 0.42cvss 6.5epss 0.02
A NULL pointer dereference was discovered in newVar3 in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
- risk 0.42cvss 6.5epss 0.00
A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application does not check for a NULL value, allowing for an attacker to perform a denial of service attack.
- risk 0.42cvss 6.5epss 0.00
An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC.
- risk 0.42cvss 6.5epss 0.03
A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the…
- risk 0.42cvss 6.5epss 0.01
Under certain conditions a malicious user provoking a Null Pointer dereference can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.
- risk 0.42cvss 6.5epss 0.00
A other vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68342866.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to…
- risk 0.42cvss 6.5epss 0.00
In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.
- risk 0.42cvss 6.5epss 0.02
ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service
- risk 0.42cvss 6.5epss 0.03
In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash.
- risk 0.42cvss 6.5epss 0.01
The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.
- risk 0.42cvss 6.5epss 0.01
In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.