Vulnerabilities > NULL Pointer Dereference

DATE CVE VULNERABILITY TITLE RISK
2017-05-09 CVE-2017-0341 NULL Pointer Dereference vulnerability in Nvidia GPU Driver
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where user provided input can trigger an access to a pointer that has not been initialized which may lead to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-476
7.8
2017-05-08 CVE-2017-8825 NULL Pointer Dereference vulnerability in Libetpan Project Libetpan
A null dereference vulnerability has been found in the MIME handling component of LibEtPan before 1.8, as used in MailCore and MailCore 2.
network
low complexity
libetpan-project CWE-476
7.5
2017-05-08 CVE-2017-8847 NULL Pointer Dereference vulnerability in Long Range ZIP Project Long Range ZIP 0.631
The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.
local
low complexity
long-range-zip-project CWE-476
5.5
2017-05-08 CVE-2017-8843 NULL Pointer Dereference vulnerability in Long Range ZIP Project Long Range ZIP 0.631
The join_pthread function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.
local
low complexity
long-range-zip-project CWE-476
5.5
2017-05-04 CVE-2017-3730 NULL Pointer Dereference vulnerability in multiple products
In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash.
network
low complexity
openssl oracle CWE-476
7.5
2017-05-04 CVE-2016-7053 NULL Pointer Dereference vulnerability in Openssl 1.1.0/1.1.0A/1.1.0B
In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL pointer dereference.
network
low complexity
openssl CWE-476
7.5
2017-05-01 CVE-2017-8395 NULL Pointer Dereference vulnerability in GNU Binutils 2.28
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8 because of missing a malloc() return-value check to see if memory had actually been allocated in the _bfd_generic_get_section_contents function.
network
low complexity
gnu CWE-476
7.5
2017-05-01 CVE-2017-8394 NULL Pointer Dereference vulnerability in GNU Binutils 2.28
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 due to NULL pointer dereferencing of _bfd_elf_large_com_section.
network
low complexity
gnu CWE-476
7.5
2017-05-01 CVE-2017-8392 NULL Pointer Dereference vulnerability in GNU Binutils 2.28
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8 because of missing a check to determine whether symbols are NULL in the _bfd_dwarf2_find_nearest_line function.
network
low complexity
gnu CWE-476
7.5
2017-04-25 CVE-2017-5625 NULL Pointer Dereference vulnerability in Oneplus Oxygenos 3.2.8/3.5.4/4.0.2
In OxygenOS before 4.0.3 on OnePlus 3 and 3T devices, an unauthorized attacker can cause a locked bootloader to partially dump the ciphertext content of an arbitrary partition (except 'keystore') by issuing the 'fastboot oem dump <partition>' fastboot command.
low complexity
oneplus CWE-476
4.6