Filtered by vendor
Subscriptions
Total
3602 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-47586 | 1 Sap | 1 Netweaver Abap Application Server | 2024-11-12 | 5.3 Medium |
SAP NetWeaver Application Server for ABAP and ABAP Platform allows an unauthenticated attacker to send a maliciously crafted http request which could cause a null pointer dereference in the kernel. This dereference will result in the system crashing and rebooting, causing the system to be temporarily unavailable. There is no impact on Confidentiality or Integrity. | ||||
CVE-2024-9484 | 2 Avast, Avg | 2 Antivirus, Antivirus | 2024-11-08 | 5.1 Medium |
An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing. | ||||
CVE-2024-9483 | 2 Avast, Avg | 2 Antivirus, Antivirus | 2024-11-08 | 5.1 Medium |
A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing. | ||||
CVE-2024-10750 | 1 Tenda | 2 I22, I22 Firmware | 2024-11-07 | 6.5 Medium |
A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as problematic. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV?fgHPOST/goform/SysToo. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
CVE-2024-22733 | 1 Tp-link | 3 Mr200, Mr200 Firmware, Tl-mr200 V4 Firmware | 2024-11-06 | 3.5 Low |
TP Link MR200 V4 Firmware version 210201 was discovered to contain a null-pointer-dereference in the web administration panel on /cgi/login via the sign, Action or LoginStatus query parameters which could lead to a denial of service by a local or remote unauthenticated attacker. | ||||
CVE-2024-20426 | 1 Cisco | 2 Adaptive Security Appliance Software, Firepower Threat Defense Software | 2024-11-05 | 8.6 High |
A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted IKEv2 traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. | ||||
CVE-2024-10280 | 1 Tenda | 20 Ac10, Ac10 Firmware, Ac10u and 17 more | 2024-11-01 | 6.5 Medium |
A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
CVE-2022-3857 | 2024-10-29 | 5.5 Medium | ||
Maintainer contacted. This is a false-positive. The flaw does not actually exist and was erroneously tested. | ||||
CVE-2024-44101 | 1 Google | 1 Android | 2024-10-28 | 7.5 High |
there is a possible Null Pointer Dereference (modem crash) due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2024-40493 | 2 Keith-cullen, Keithcullen | 2 Freecoap, Freecoap | 2024-10-25 | 5.3 Medium |
Null Pointer Dereference in `coap_client_exchange_blockwise2` function in Keith Cullen FreeCoAP 1.0 allows remote attackers to cause a denial of service and potentially execute arbitrary code via a specially crafted CoAP packet that causes `coap_msg_get_payload(resp)` to return a null pointer, which is then dereferenced in a call to `memcpy`. | ||||
CVE-2024-20339 | 1 Cisco | 1 Firepower Threat Defense Software | 2024-10-25 | 8.6 High |
A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an issue that occurs when TLS traffic is processed. An attacker could exploit this vulnerability by sending certain TLS traffic over IPv4 through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition and impacting traffic to and through the affected device. | ||||
CVE-2024-47459 | 1 Adobe | 1 Substance 3d Sampler | 2024-10-23 | 5.5 Medium |
Substance3D - Sampler versions 4.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. An attacker could exploit this vulnerability to crash the application, resulting in a DoS. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2024-3186 | 2024-10-18 | 5.3 Medium | ||
CWE-476 NULL Pointer Dereference vulnerability in the evalExpr() function of GoAhead Web Server (version <= 6.0.0) when compiled with the ME_GOAHEAD_JAVASCRIPT flag. This vulnerability allows a remote attacker with the privileges to modify JavaScript template (JST) files to trigger a crash and cause a Denial of Service (DoS) by providing malicious templates. | ||||
CVE-2024-3184 | 2024-10-18 | 5.9 Medium | ||
Multiple CWE-476 NULL Pointer Dereference vulnerabilities were found in GoAhead Web Server up to version 6.0.0 when compiled with the ME_GOAHEAD_REPLACE_MALLOC flag. Without a memory notifier for allocation failures, remote attackers can exploit these vulnerabilities by sending malicious requests, leading to a crash and Denial of Service (DoS). | ||||
CVE-2024-39440 | 2 Google, Unisoc | 10 Android, S8000, T606 and 7 more | 2024-10-17 | 6.2 Medium |
In DRM service, there is a possible system crash due to null pointer dereference. This could lead to local denial of service with System execution privileges needed. | ||||
CVE-2024-47007 | 1 Ivanti | 1 Avalanche | 2024-10-16 | 7.5 High |
A NULL pointer dereference in WLAvalancheService.exe of Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to cause a denial of service. | ||||
CVE-2024-38146 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2024-10-16 | 7.5 High |
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | ||||
CVE-2024-38145 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2024-10-16 | 7.5 High |
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | ||||
CVE-2024-38126 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2024-10-16 | 7.5 High |
Windows Network Address Translation (NAT) Denial of Service Vulnerability | ||||
CVE-2024-6157 | 2024-10-15 | 5.1 Medium | ||
An attacker who successfully exploited these vulnerabilities could cause the robot to stop. A vulnerability exists in the PROFINET stack included in the RobotWare versions listed below. This vulnerability arises under specific condition when specially crafted message is processed by the system. Below are reported vulnerabilities in the Robot Ware versions. * IRC5- RobotWare 6 < 6.15.06 except 6.10.10, and 6.13.07 |