Total
3737 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-19011 | 1 Miniupnp Project | 1 Ngiflib | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette. | |||||
| CVE-2019-18976 | 2 Debian, Digium | 3 Debian Linux, Asterisk, Certified Asterisk | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x. If it receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a NULL pointer dereference and crash will occur. This is different from CVE-2019-18940. | |||||
| CVE-2019-18885 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_devices->devices is mishandled within find_device, aka CID-09ba3bc9dd15. | |||||
| CVE-2019-18838 | 1 Envoyproxy | 1 Envoy | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Envoy 1.12.0. Upon receipt of a malformed HTTP request without a Host header, it sends an internally generated "Invalid request" response. This internally generated response is dispatched through the configured encoder filter chain before being sent to the client. An encoder filter that invokes route manager APIs that access a request's Host header causes a NULL pointer dereference, resulting in abnormal termination of the Envoy process. | |||||
| CVE-2019-18804 | 5 Canonical, Debian, Djvulibre Project and 2 more | 5 Ubuntu Linux, Debian Linux, Djvulibre and 2 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp. | |||||
| CVE-2019-18799 | 1 Sass-lang | 1 Libsass | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| LibSass before 3.6.3 allows a NULL pointer dereference in Sass::Parser::parseCompoundSelector in parser_selectors.cpp. | |||||
| CVE-2019-18680 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rds_tcp_kill_sock() in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0. | |||||
| CVE-2019-18635 | 1 Themooltipass | 1 Moolticute | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mooltipass Moolticute through v0.42.1 and v0.42.x-testing through v0.42.5-testing. There is a NULL pointer dereference in MPDevice_win.cpp. | |||||
| CVE-2019-18388 | 3 Debian, Opensuse, Virglrenderer Project | 3 Debian Linux, Leap, Virglrenderer | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands. | |||||
| CVE-2019-18190 | 2 Microsoft, Trendmicro | 5 Windows, Antivirus\+ Security 2020, Internet Security 2020 and 2 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Trend Micro Security (Consumer) 2020 (v16.x) is affected by a vulnerability in where null pointer dereference errors result in the crash of application, which could potentially lead to possible unsigned code execution under certain circumstances. | |||||
| CVE-2019-17539 | 3 Canonical, Debian, Ffmpeg | 3 Ubuntu Linux, Debian Linux, Ffmpeg | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer. | |||||
| CVE-2019-17502 | 1 Hydra Project | 1 Hydra | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Hydra through 0.1.8 has a NULL pointer dereference and daemon crash when processing POST requests that lack a Content-Length header. read.c, request.c, and util.c contribute to this. The process_header_end() function calls boa_atoi(), which ultimately calls atoi() on a NULL pointer. | |||||
| CVE-2019-17454 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info. | |||||
| CVE-2019-17453 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4encrypt or mp4compact. | |||||
| CVE-2019-17452 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::InspectFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4dump. | |||||
| CVE-2019-17064 | 1 Glyphandcog | 1 Xpdfreader | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor. | |||||
| CVE-2019-16754 | 1 Riot-os | 1 Riot | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| RIOT 2019.07 contains a NULL pointer dereference in the MQTT-SN implementation (asymcute), potentially allowing an attacker to crash a network node running RIOT. This requires spoofing an MQTT server response. To do so, the attacker needs to know the MQTT MsgID of a pending MQTT protocol message and the ephemeral port used by RIOT's MQTT implementation. Additionally, the server IP address is required for spoofing the packet. | |||||
| CVE-2019-16351 | 1 Rockcarry | 1 Ffjpeg | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c. | |||||
| CVE-2019-16350 | 1 Rockcarry | 1 Ffjpeg | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| ffjpeg before 2019-08-18 has a NULL pointer dereference in idct2d8x8() at dct.c. | |||||
| CVE-2019-16349 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class. | |||||