VYPR

CWE-476

NULL Pointer Dereference

BaseStableLikelihood: Medium

Description

The product dereferences a pointer that it expects to be valid but is NULL.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (1,587)

page 31 of 80
  • CVE-2017-18250MedMar 27, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-18247MedMar 23, 2018
    risk 0.42cvss 6.5epss 0.01

    The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file.

  • CVE-2017-18231MedMar 14, 2018
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadEnhMetaFile in coders/emf.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-18230MedMar 14, 2018
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2016-9600MedMar 12, 2018
    risk 0.42cvss 6.5epss 0.02

    JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash.

  • CVE-2018-7872MedMar 8, 2018
    risk 0.42cvss 6.5epss 0.02

    An invalid memory address dereference was discovered in the function getName in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

  • CVE-2018-7870MedMar 8, 2018
    risk 0.42cvss 6.5epss 0.02

    An invalid memory address dereference was discovered in getString in util/decompile.c in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

  • CVE-2018-7866MedMar 8, 2018
    risk 0.42cvss 6.5epss 0.02

    A NULL pointer dereference was discovered in newVar3 in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

  • CVE-2018-5449MedMar 5, 2018
    risk 0.42cvss 6.5epss 0.00

    A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application does not check for a NULL value, allowing for an attacker to perform a denial of service attack.

  • CVE-2018-7542MedFeb 27, 2018
    risk 0.42cvss 6.5epss 0.00

    An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC.

  • CVE-2018-7456MedFeb 24, 2018
    risk 0.42cvss 6.5epss 0.03

    A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the…

  • CVE-2018-2384MedFeb 14, 2018
    risk 0.42cvss 6.5epss 0.01

    Under certain conditions a malicious user provoking a Null Pointer dereference can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.

  • CVE-2018-6942MedFeb 13, 2018
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.

  • CVE-2017-13235MedFeb 12, 2018
    risk 0.42cvss 6.5epss 0.00

    A other vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68342866.

  • CVE-2018-5710MedJan 16, 2018
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to…

  • CVE-2017-1000460MedJan 3, 2018
    risk 0.42cvss 6.5epss 0.00

    In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.

  • CVE-2017-1000445MedJan 2, 2018
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service

  • CVE-2017-18013MedJan 1, 2018
    risk 0.42cvss 6.5epss 0.03

    In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash.

  • CVE-2017-17555MedDec 12, 2017
    risk 0.42cvss 6.5epss 0.01

    The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.

  • CVE-2017-17505MedDec 11, 2017
    risk 0.42cvss 6.5epss 0.01

    In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.