Vulnerabilities > NULL Pointer Dereference

DATE CVE VULNERABILITY TITLE RISK
2016-08-07 CVE-2016-5354 NULL Pointer Dereference vulnerability in Wireshark
The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
network
high complexity
wireshark CWE-476
5.9
2016-08-06 CVE-2016-6504 NULL Pointer Dereference vulnerability in Wireshark
epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wireshark 1.12.x before 1.12.13 does not properly maintain a ptvc data structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
network
high complexity
wireshark CWE-476
5.9
2016-08-06 CVE-2016-3070 NULL Pointer Dereference vulnerability in multiple products
The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by triggering a certain page move.
local
low complexity
debian linux CWE-476
7.8
2016-08-05 CVE-2016-3821 NULL Pointer Dereference vulnerability in Google Android
libmedia in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 has certain incorrect declarations, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference or memory corruption) via a crafted media file, aka internal bug 28166152.
network
low complexity
google CWE-476
critical
9.8
2016-08-01 CVE-2016-3120 NULL Pointer Dereference vulnerability in MIT Kerberos 5
The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an S4U2Self request.
network
low complexity
mit CWE-476
6.5
2016-07-25 CVE-2016-6292 NULL Pointer Dereference vulnerability in PHP
The exif_process_user_comment function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image.
network
low complexity
php CWE-476
6.5
2016-07-22 CVE-2016-4649 NULL Pointer Dereference vulnerability in Apple mac OS X
Audio in Apple OS X before 10.11.6 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.
local
low complexity
apple CWE-476
5.5
2016-07-22 CVE-2016-4627 NULL Pointer Dereference vulnerability in Apple Iphone OS
IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
local
low complexity
apple CWE-476
7.8
2016-07-22 CVE-2016-4626 NULL Pointer Dereference vulnerability in Apple products
IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
local
low complexity
apple CWE-476
7.8
2016-07-22 CVE-2016-4605 NULL Pointer Dereference vulnerability in Apple Iphone OS
Calendar in Apple iOS before 9.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted invitation.
network
low complexity
apple CWE-476
6.5