Search Results (5012 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-33299 1 Qualcomm 88 Apq8017, Apq8017 Firmware, Apq8096au and 85 more 2025-04-09 7.5 High
Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length data.
CVE-2022-33290 1 Qualcomm 92 Apq8017, Apq8017 Firmware, Apq8096au and 89 more 2025-04-09 7.5 High
Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is passed.
CVE-2022-43972 1 Linksys 2 Wrt54gl, Wrt54gl Firmware 2025-04-09 6.5 Medium
A null pointer dereference vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A null pointer dereference in the soap_action function within the upnp binary can be triggered by an unauthenticated attacker via a malicious POST request invoking the AddPortMapping action.
CVE-2008-2812 8 Avaya, Canonical, Debian and 5 more 16 Communication Manager, Expanded Meet-me Conferencing, Intuity Audix Lx and 13 more 2025-04-09 7.8 High
The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.
CVE-2009-2767 1 Linux 2 Kernel, Linux Kernel 2025-04-09 N/A
The init_posix_timers function in kernel/posix-timers.c in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (OOPS) or possibly gain privileges via a CLOCK_MONOTONIC_RAW clock_nanosleep call that triggers a NULL pointer dereference.
CVE-2007-1420 3 Mysql, Oracle, Redhat 3 Mysql, Mysql, Enterprise Linux 2025-04-09 N/A
MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.
CVE-2009-2698 6 Canonical, Fedoraproject, Linux and 3 more 14 Ubuntu Linux, Fedora, Linux Kernel and 11 more 2025-04-09 7.8 High
The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
CVE-2009-2908 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-09 N/A
The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount.
CVE-2009-3978 1 Mozilla 1 Firefox 2025-04-09 N/A
The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp in libpr0n in Mozilla Firefox before 3.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an animated GIF file with a large image size, a different vulnerability than CVE-2009-3373.
CVE-2009-2287 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2025-04-09 N/A
The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local users to cause a denial of service (crash or hang) via a crafted cr3 value, which triggers a NULL pointer dereference in the gfn_to_rmap function.
CVE-2009-1902 2 Fedoraproject, Trustwave 2 Fedora, Modsecurity 2025-04-09 N/A
The multipart processor in ModSecurity before 2.5.9 allows remote attackers to cause a denial of service (crash) via a multipart form datapost request with a missing part header name, which triggers a NULL pointer dereference.
CVE-2009-2703 2 Pidgin, Redhat 3 Libpurple, Pidgin, Enterprise Linux 2025-04-09 N/A
libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string.
CVE-2008-3597 1 Skulltag 1 Skulltag 2025-04-09 7.5 High
Skulltag before 0.97d2-RC6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by sending a "command 29" packet when the player is not in the game.
CVE-2007-4565 2 Fetchmail, Redhat 2 Fetchmail, Enterprise Linux 2025-04-09 N/A
sink.c in fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP.
CVE-2007-5938 2 Intel, Redhat 3 Pro Wireless 3945abg, Wireless Wifi Link 4965agn, Enterprise Linux 2025-04-09 N/A
The iwl_set_rate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwl_get_hw_mode return value without checking for NULL, which might allow remote attackers to cause a denial of service (kernel panic) via unspecified vectors during module initialization.
CVE-2007-3473 2 Libgd, Redhat 2 Gd Graphics Library, Enterprise Linux 2025-04-09 N/A
The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.
CVE-2007-0039 1 Microsoft 1 Exchange Server 2025-04-09 N/A
The Exchange Collaboration Data Objects (EXCDO) functionality in Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 allows remote attackers to cause a denial of service (crash) via an Internet Calendar (iCal) file containing multiple X-MICROSOFT-CDO-MODPROPS (MODPROPS) properties in which the second MODPROPS is longer than the first, which triggers a NULL pointer dereference and an unhandled exception.
CVE-2007-0887 1 Gecad Technologies 1 Axigen Mail Server 2025-04-09 N/A
axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a base64-encoded "*\x00" sequence on the imap port (143/tcp).
CVE-2009-2849 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2025-04-09 N/A
The md driver (drivers/md/md.c) in the Linux kernel before 2.6.30.2 might allow local users to cause a denial of service (NULL pointer dereference) via vectors related to "suspend_* sysfs attributes" and the (1) suspend_lo_store or (2) suspend_hi_store functions. NOTE: this is only a vulnerability when sysfs is writable by an attacker.
CVE-2008-0172 3 Boost, Redhat, Ubuntu 3 Boost, Enterprise Linux, Ubuntu Linux 2025-04-09 N/A
The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression.