Total
4096 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-19542 | 5 Canonical, Debian, Jasper Project and 2 more | 6 Ubuntu Linux, Debian Linux, Jasper and 3 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service. | |||||
| CVE-2018-19532 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. It allows an attacker to cause Denial of Service. | |||||
| CVE-2018-19504 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There is a NULL pointer dereference in ifilter_bank() in libfaad/filtbank.c. | |||||
| CVE-2018-19432 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in libsndfile 1.0.28. There is a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service. | |||||
| CVE-2018-19407 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized. | |||||
| CVE-2018-19406 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| kvm_pv_send_ipi in arch/x86/kvm/lapic.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where the apic map is uninitialized. | |||||
| CVE-2018-19395 | 1 Php | 1 Php | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM("WScript.Shell"). | |||||
| CVE-2018-19217 | 1 Gnu | 1 Ncurses | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function _nc_name_match that will lead to a denial of service attack. NOTE: the original report stated version 6.1, but the issue did not reproduce for that version according to the maintainer or a reliable third-party | |||||
| CVE-2018-19211 | 1 Gnu | 1 Ncurses | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a "dubious character `*' in name or alias field" detection. | |||||
| CVE-2018-19210 | 3 Canonical, Debian, Libtiff | 3 Ubuntu Linux, Debian Linux, Libtiff | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset. | |||||
| CVE-2018-19209 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the function find_label in asm/labels.c that will lead to a DoS attack. | |||||
| CVE-2018-19208 | 3 Libwpd Project, Redhat, Suse | 3 Libwpd, Enterprise Linux, Suse Linux Enterprise Server | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack. This is related to WPXTable.h. | |||||
| CVE-2018-19200 | 2 Debian, Uriparser Project | 2 Debian Linux, Uriparser | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in uriparser before 0.9.0. UriCommon.c allows attempted operations on NULL input via a uriResetUri* function. | |||||
| CVE-2018-19184 | 1 Ethereum | 1 Go Ethereum | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attackers to cause a denial of service (SEGV) via crafted bytecode. | |||||
| CVE-2018-19149 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Poppler | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment. | |||||
| CVE-2018-19129 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Libav 12.3, a NULL pointer dereference (RIP points to zero) issue in ff_mpa_synth_filter_float in libavcodec/mpegaudiodsp_template.c can cause a segmentation fault (application crash) via a crafted mov file. | |||||
| CVE-2018-19122 | 1 Mz-automation | 1 Libiec61850 | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c. | |||||
| CVE-2018-19121 | 1 Mz-automation | 1 Libiec61850 | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| An issue has been found in libIEC61850 v1.3. It is a SEGV in Ethernet_receivePacket in ethernet_bsd.c. | |||||
| CVE-2018-19060 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Poppler | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path. | |||||
| CVE-2018-19029 | 1 Lcds | 1 Laquis Scada | 2024-11-21 | 8.3 HIGH | 7.8 HIGH |
| LCDS Laquis SCADA prior to version 4.1.0.4150 allows an attacker using a specially crafted project file to supply a pointer for a controlled memory address, which may allow remote code execution, data exfiltration, or cause a system crash. | |||||