Total
5367 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-3116 | 1 Heimdal Project | 1 Heimdal | 2025-02-24 | 7.5 High |
| The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash. | ||||
| CVE-2024-40982 | 2025-02-24 | 5.5 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-1583 | 1 Linux | 1 Linux Kernel | 2025-02-20 | 5.5 Medium |
| A NULL pointer dereference was found in io_file_bitmap_get in io_uring/filetable.c in the io_uring sub-component in the Linux Kernel. When fixed files are unregistered, some context information (file_alloc_{start,end} and alloc_hint) is not cleared. A subsequent request that has auto index selection enabled via IORING_FILE_INDEX_ALLOC can cause a NULL pointer dereference. An unprivileged user can use the flaw to cause a system crash. | ||||
| CVE-2023-25676 | 1 Google | 1 Tensorflow | 2025-02-19 | 7.5 High |
| TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.ParallelConcat` segfaults with a nullptr dereference when given a parameter `shape` with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1. | ||||
| CVE-2023-25670 | 1 Google | 1 Tensorflow | 2025-02-19 | 7.5 High |
| TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. | ||||
| CVE-2023-25663 | 1 Google | 1 Tensorflow | 2025-02-19 | 7.5 High |
| TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when `ctx->step_containter()` is a null ptr, the Lookup function will be executed with a null pointer. A fix is included in TensorFlow 2.12.0 and 2.11.1. | ||||
| CVE-2023-25665 | 1 Google | 1 Tensorflow | 2025-02-19 | 7.5 High |
| TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when `SparseSparseMaximum` is given invalid sparse tensors as inputs, it can give a null pointer error. A fix is included in TensorFlow version 2.12 and version 2.11.1. | ||||
| CVE-2023-25660 | 1 Google | 1 Tensorflow | 2025-02-19 | 7.5 High |
| TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when the parameter `summarize` of `tf.raw_ops.Print` is zero, the new method `SummarizeArray<bool>` will reference to a nullptr, leading to a seg fault. A fix is included in TensorFlow version 2.12 and version 2.11.1. | ||||
| CVE-2023-1628 | 1 Jiangmin | 1 Jiangmin Antivirus | 2025-02-19 | 5.5 Medium |
| A vulnerability classified as problematic has been found in Jianming Antivirus 16.2.2022.418. Affected is an unknown function in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-224010 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-25674 | 1 Google | 1 Tensorflow | 2025-02-19 | 7.5 High |
| TensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1. | ||||
| CVE-2023-25672 | 1 Google | 1 Tensorflow | 2025-02-19 | 7.5 High |
| TensorFlow is an open source platform for machine learning. The function `tf.raw_ops.LookupTableImportV2` cannot handle scalars in the `values` parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. | ||||
| CVE-2022-44369 | 1 Nasm | 1 Netwide Assembler | 2025-02-18 | 5.5 Medium |
| NASM 2.16 (development) is vulnerable to 476: Null Pointer Dereference via output/outaout.c. | ||||
| CVE-2022-44368 | 1 Nasm | 1 Netwide Assembler | 2025-02-18 | 5.5 Medium |
| NASM v2.16 was discovered to contain a null pointer deference in the NASM component | ||||
| CVE-2023-26916 | 2 Cesnet, Fedoraproject | 2 Libyang, Fedora | 2025-02-18 | 5.3 Medium |
| libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c. | ||||
| CVE-2020-23259 | 1 Jsish | 1 Jsish | 2025-02-14 | 7.5 High |
| An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the Jsi_Strlen function in the src/jsiChar.c file. | ||||
| CVE-2024-24860 | 1 Linux | 1 Linux Kernel | 2025-02-13 | 4.6 Medium |
| A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. | ||||
| CVE-2024-35200 | 2 F5, Fedoraproject | 4 Nginx, Nginx Open Source, Nginx Plus and 1 more | 2025-02-13 | 5.3 Medium |
| When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate. | ||||
| CVE-2023-5441 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2025-02-13 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. | ||||
| CVE-2023-45667 | 1 Nothings | 2 Stb Image, Stb Image.h | 2025-02-13 | 5.3 Medium |
| stb_image is a single file MIT licensed library for processing images. If `stbi__load_gif_main` in `stbi_load_gif_from_memory` fails it returns a null pointer and may keep the `z` variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls `stbi__vertical_flip_slices` with the null pointer result value and the uninitialized `z` value. This may result in a program crash. | ||||
| CVE-2023-3354 | 3 Fedoraproject, Qemu, Redhat | 10 Fedora, Qemu, Advanced Virtualization and 7 more | 2025-02-13 | 7.5 High |
| A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service. | ||||