Total
4549 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-35985 | 1 Adobe | 2 Acrobat Dc, Acrobat Reader Dc | 2024-11-21 | 5.5 Medium |
| Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-35984 | 1 Adobe | 2 Acrobat Dc, Acrobat Reader Dc | 2024-11-21 | 5.5 Medium |
| Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Null pointer dereference vulnerability. An authenticated attacker could leverage this vulnerability achieve an application denial-of-service in the context of the current user. Exploitation of this issue does not requires user interaction. | ||||
| CVE-2021-35578 | 5 Debian, Fedoraproject, Netapp and 2 more | 18 Debian Linux, Fedora, Active Iq Unified Manager and 15 more | 2024-11-21 | 5.3 Medium |
| Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | ||||
| CVE-2021-35307 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.5 Medium |
| An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the AP4_DescriptorFinder::Test component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS). | ||||
| CVE-2021-35306 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.5 Medium |
| An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the function AP4_StszAtom::WriteFields located in Ap4StszAtom.cpp. It allows an attacker to cause a denial of service (DOS). | ||||
| CVE-2021-35135 | 1 Qualcomm | 336 Apq8017, Apq8017 Firmware, Apq8037 and 333 more | 2024-11-21 | 6.2 Medium |
| A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | ||||
| CVE-2021-35087 | 1 Qualcomm | 82 Ar8035, Ar8035 Firmware, Qca6390 and 79 more | 2024-11-21 | 7.5 High |
| Possible null pointer access due to improper validation of system information message to be processed in Snapdragon Industrial IOT, Snapdragon Mobile | ||||
| CVE-2021-35076 | 1 Qualcomm | 114 Ar8035, Ar8035 Firmware, Qca6390 and 111 more | 2024-11-21 | 7.5 High |
| Possible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | ||||
| CVE-2021-35075 | 1 Qualcomm | 98 Ar8035, Ar8035 Firmware, Qca6174a and 95 more | 2024-11-21 | 8.4 High |
| Possible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | ||||
| CVE-2021-35068 | 1 Qualcomm | 200 Apq8009w, Apq8009w Firmware, Aqt1000 and 197 more | 2024-11-21 | 8.4 High |
| Lack of null check while freeing the device information buffer in the Bluetooth HFP protocol can lead to a NULL pointer dereference in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | ||||
| CVE-2021-34798 | 9 Apache, Broadcom, Debian and 6 more | 21 Http Server, Brocade Fabric Operating System Firmware, Debian Linux and 18 more | 2024-11-21 | 7.5 High |
| Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. | ||||
| CVE-2021-34737 | 1 Cisco | 37 Asr 9000v-v2, Asr 9001, Asr 9006 and 34 more | 2024-11-21 | 5.8 Medium |
| A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the dhcpd process. While the dhcpd process is restarting, which may take up to approximately two minutes, DHCPv4 server services are unavailable on the affected device. This could temporarily prevent network access to clients that join the network during that time period. Note: Only the dhcpd process crashes and eventually restarts automatically. The router does not reload. | ||||
| CVE-2021-34555 | 2 Fedoraproject, Trusteddomain | 2 Fedora, Opendmarc | 2024-11-21 | 7.5 High |
| OpenDMARC 1.4.1 and 1.4.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a multi-value From header field. | ||||
| CVE-2021-34418 | 1 Zoom | 5 Zoom On-premise Meeting Connector Controller, Zoom On-premise Meeting Connector Mmr, Zoom On-premise Recording Connector and 2 more | 2024-11-21 | 4 Medium |
| The login routine of the web console in the Zoom On-Premise Meeting Connector before version 4.6.239.20200613, Zoom On-Premise Meeting Connector MMR before version 4.6.239.20200613, Zoom On-Premise Recording Connector before version 3.8.42.20200905, Zoom On-Premise Virtual Room Connector before version 4.4.6344.20200612, and Zoom On-Premise Virtual Room Connector Load Balancer before version 2.5.5492.20200616 fails to validate that a NULL byte was sent while authenticating. This could lead to a crash of the login service. | ||||
| CVE-2021-34406 | 2 Google, Nvidia | 2 Android, Shield Experience | 2024-11-21 | 4.7 Medium |
| NVIDIA Tegra kernel driver contains a vulnerability in NVHost, where a specific race condition can lead to a null pointer dereference, which may lead to a system reboot. | ||||
| CVE-2021-34122 | 1 Rockcarry | 1 Ffjpeg | 2024-11-21 | 5.5 Medium |
| The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference. | ||||
| CVE-2021-33798 | 1 Libpano13 Project | 1 Libpano13 | 2024-11-21 | 4.7 Medium |
| A null pointer dereference was found in libpano13, version libpano13-2.9.20. The flow allows attackers to cause a denial of service and potential code execute via a crafted file. | ||||
| CVE-2021-33717 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-11-21 | 5.5 Medium |
| A vulnerability has been identified in JT2Go (All versions < V13.2.0.1), Teamcenter Visualization (All versions < V13.2.0.1). When parsing specially crafted CGM Files, a NULL pointer deference condition could cause the application to crash. The application must be restarted to restore the service. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application. | ||||
| CVE-2021-33715 | 1 Siemens | 1 Jt Utilities | 2024-11-21 | 5.5 Medium |
| A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a race condition could cause an object to be released before being operated on, leading to NULL pointer deference condition and causing the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application. | ||||
| CVE-2021-33714 | 1 Siemens | 1 Jt Utilities | 2024-11-21 | 5.5 Medium |
| A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a missing check for the validity of an iterator leads to NULL pointer deference condition, causing the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application. | ||||