Total
3979 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-2132 | 4 Canonical, Mongodb, Opensuse and 1 more | 4 Ubuntu Linux, Mongodb, Opensuse and 1 more | 2024-11-21 | N/A |
| bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef." | ||||
| CVE-2013-1819 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2024-11-21 | N/A |
| The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel before 3.7.6 does not validate block numbers, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the ability to mount an XFS filesystem containing a metadata inode with an invalid extent map. | ||||
| CVE-2013-1774 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2024-11-21 | N/A |
| The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service (NULL pointer dereference and system crash) via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter. | ||||
| CVE-2013-1418 | 4 Debian, Mit, Opensuse and 1 more | 4 Debian Linux, Kerberos 5, Opensuse and 1 more | 2024-11-21 | N/A |
| The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request. | ||||
| CVE-2013-1417 | 1 Mit | 1 Kerberos 5 | 2024-11-21 | N/A |
| do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of service (daemon crash) via a TGS-REQ request that triggers an attempted cross-realm referral for a host-based service principal. | ||||
| CVE-2013-1416 | 4 Fedoraproject, Mit, Opensuse and 1 more | 9 Fedora, Kerberos 5, Opensuse and 6 more | 2024-11-21 | N/A |
| The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request. | ||||
| CVE-2013-1415 | 3 Mit, Opensuse, Redhat | 3 Kerberos 5, Opensuse, Enterprise Linux | 2024-11-21 | N/A |
| The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_crypto_openssl.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 and 1.11.x before 1.11.1 does not properly handle errors during extraction of fields from an X.509 certificate, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed KRB5_PADATA_PK_AS_REQ AS-REQ request. | ||||
| CVE-2013-1059 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | N/A |
| net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. | ||||
| CVE-2013-0860 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | N/A |
| The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a frame is fully initialized, which allows remote attackers to trigger a NULL pointer dereference via crafted picture data. | ||||
| CVE-2013-0310 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A |
| The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an IPOPT_CIPSO IP_OPTIONS setsockopt system call. | ||||
| CVE-2012-5668 | 1 Freetype | 1 Freetype | 2024-11-21 | N/A |
| FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdf_free_font function. | ||||
| CVE-2012-5640 | 1 Acme | 1 Thttpd | 2024-11-21 | 5.5 Medium |
| thttpd has a local DoS vulnerability via specially-crafted .htpasswd files | ||||
| CVE-2012-5389 | 1 Dart | 1 Powertcp Webserver For Activex | 2024-11-21 | 7.5 High |
| NULL Pointer Dereference in PowerTCP WebServer for ActiveX 1.9.2 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted HTTP request. | ||||
| CVE-2012-4514 | 1 Kde | 1 Kde | 2024-11-21 | N/A |
| rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part." | ||||
| CVE-2012-4233 | 2 Libreoffice, Sun | 2 Libreoffice, Openoffice.org | 2024-11-21 | N/A |
| LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls (Excel) file to scfiltlo.dll. | ||||
| CVE-2012-3806 | 1 Samsung | 1 Kies | 2024-11-21 | 7.5 High |
| Samsung Kies before 2.5.0.12094_27_11 contains a NULL pointer dereference vulnerability which could allow remote attackers to perform a denial of service. | ||||
| CVE-2012-3236 | 1 Gimp | 1 Gimp | 2024-11-21 | N/A |
| fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string. | ||||
| CVE-2012-2744 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2024-11-21 | N/A |
| net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel before 2.6.34, when the nf_conntrack_ipv6 module is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via certain types of fragmented IPv6 packets. | ||||
| CVE-2012-2039 | 8 Adobe, Apple, Google and 5 more | 14 Air, Flash Player, Macos and 11 more | 2024-11-21 | N/A |
| Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors. | ||||
| CVE-2012-1593 | 1 Wireshark | 1 Wireshark | 2024-11-21 | N/A |
| epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. | ||||