Vulnerabilities > NULL Pointer Dereference
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-03-05 | CVE-2013-1415 | Null Pointer Dereference vulnerability in multiple products The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_crypto_openssl.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 and 1.11.x before 1.11.1 does not properly handle errors during extraction of fields from an X.509 certificate, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed KRB5_PADATA_PK_AS_REQ AS-REQ request. | 5.0 |
| 2013-03-05 | CVE-2012-1016 | Null Pointer Dereference vulnerability in MIT Kerberos 5 The pkinit_server_return_padata function in plugins/preauth/pkinit/pkinit_srv.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 attempts to find an agility KDF identifier in inappropriate circumstances, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted Draft 9 request. | 5.0 |
| 2012-07-12 | CVE-2012-3236 | NULL Pointer Dereference vulnerability in Gimp fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string. | 4.3 |
| 2012-06-09 | CVE-2012-2039 | NULL Pointer Dereference vulnerability in multiple products Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors. | 9.3 |
| 2012-05-24 | CVE-2011-4081 | NULL Pointer Dereference vulnerability in Linux Kernel crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by triggering a failed or missing ghash_setkey function call, followed by a (1) ghash_update function call or (2) ghash_final function call, as demonstrated by a write operation on an AF_ALG socket. | 5.5 |
| 2012-05-17 | CVE-2012-1146 | NULL Pointer Dereference vulnerability in multiple products The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by registering memory threshold events. | 5.5 |
| 2012-05-17 | CVE-2012-1097 | NULL Pointer Dereference vulnerability in multiple products The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call. | 7.8 |
| 2012-05-17 | CVE-2011-4594 | NULL Pointer Dereference vulnerability in Linux Kernel The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference. | 5.5 |
| 2012-05-17 | CVE-2011-3637 | NULL Pointer Dereference vulnerability in multiple products The m_stop function in fs/proc/task_mmu.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (OOPS) via vectors that trigger an m_start error. | 5.5 |
| 2012-02-02 | CVE-2011-2525 | NULL Pointer Dereference vulnerability in multiple products The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call. | 7.8 |