Total
5322 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-33193 | 6 Apache, Debian, Fedoraproject and 3 more | 9 Http Server, Debian Linux, Fedora and 6 more | 2025-05-01 | 7.5 High |
| A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48. | ||||
| CVE-2024-25768 | 2 Opendmarc, Trusteddomain | 2 Opendmarc, Opendmarc | 2025-05-01 | 7.5 High |
| OpenDMARC 1.4.2 contains a null pointer dereference vulnerability in /OpenDMARC/libopendmarc/opendmarc_policy.c. | ||||
| CVE-2024-34088 | 1 Frrouting | 1 Frrouting | 2025-05-01 | 7.5 High |
| In FRRouting (FRR) through 9.1, it is possible for the get_edge() function in ospf_te.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service. | ||||
| CVE-2022-37290 | 2 Fedoraproject, Gnome | 2 Fedora, Nautilus | 2025-05-01 | 5.5 Medium |
| GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename application crash via a pasted ZIP archive. | ||||
| CVE-2022-34666 | 5 Citrix, Linux, Microsoft and 2 more | 6 Hypervisor, Linux Kernel, Windows and 3 more | 2025-05-01 | 6.5 Medium |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service. | ||||
| CVE-2024-23722 | 2 Fluent, Treasuredata | 2 Fluent Bit, Fluent Bit | 2025-04-30 | 7.5 High |
| In Fluent Bit 2.1.8 through 2.2.1, a NULL pointer dereference can be caused via an invalid HTTP payload with the content type of x-www-form-urlencoded. It crashes and does not restart. This could result in logs not being delivered properly. | ||||
| CVE-2022-43495 | 1 Openharmony | 1 Openharmony | 2025-04-30 | 6.5 Medium |
| OpenHarmony-v3.1.2 and prior versions had a DOS vulnerability in distributedhardware_device_manager when joining a network. Network attakcers can send an abonormal packet when joining a network, cause a nullptr reference and device reboot. | ||||
| CVE-2022-34665 | 3 Linux, Microsoft, Nvidia | 8 Linux Kernel, Windows, Cloud Gaming Guest and 5 more | 2025-04-29 | 6.5 Medium |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service. | ||||
| CVE-2022-31613 | 2 Microsoft, Nvidia | 7 Windows, Cloud Gaming Guest, Geforce and 4 more | 2025-04-29 | 7.1 High |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where any local user can cause a null-pointer dereference, which may lead to a kernel panic. | ||||
| CVE-2022-31615 | 1 Nvidia | 4 Geforce, Gpu Display Driver, Rtx and 1 more | 2025-04-29 | 5.5 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service. | ||||
| CVE-2024-26342 | 1 Asus | 3 4g-ac68u, 4g-ac68u Firmware, Ac68u | 2025-04-28 | 7.5 High |
| A Null pointer dereference in usr/sbin/httpd in ASUS AC68U 3.0.0.4.384.82230 allows remote attackers to trigger DoS via network packet. | ||||
| CVE-2024-25260 | 1 Elfutils Project | 1 Elfutils | 2025-04-25 | 4 Medium |
| elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c. | ||||
| CVE-2023-37186 | 1 Blosc | 1 C-blosc2 | 2025-04-25 | 7.5 High |
| C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference in ndlz/ndlz8x8.c via a NULL pointer to memset. | ||||
| CVE-2023-37188 | 1 Blosc | 1 C-blosc2 | 2025-04-25 | 7.5 High |
| C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the function zfp_rate_decompress at zfp/blosc2-zfp.c. | ||||
| CVE-2023-37187 | 1 Blosc | 1 C-blosc2 | 2025-04-25 | 7.5 High |
| C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the zfp/blosc2-zfp.c zfp_acc_decompress. function. | ||||
| CVE-2023-37185 | 1 Blosc | 1 C-blosc2 | 2025-04-25 | 7.5 High |
| C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the function zfp_prec_decompress at zfp/blosc2-zfp.c. | ||||
| CVE-2022-20521 | 1 Google | 1 Android | 2025-04-23 | 5 Medium |
| In sdpu_find_most_specific_service_uuid of sdp_utils.cc, there is a possible way to crash Bluetooth due to a missing null check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-227203684 | ||||
| CVE-2020-9746 | 6 Adobe, Apple, Google and 3 more | 8 Flash Player, Macos, Chrome Os and 5 more | 2025-04-23 | 7 High |
| Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Exploitation of this issue requires an attacker to insert malicious strings in an HTTP response that is by default delivered over TLS/SSL. | ||||
| CVE-2021-28601 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2025-04-23 | 3.3 Low |
| Adobe After Effects version 18.2 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-40756 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2025-04-23 | 5.5 Medium |
| Adobe After Effects version 18.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||