Vulnerabilities > NULL Pointer Dereference
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-12-22 | CVE-2010-4576 | Null Pointer Dereference vulnerability in Google Chrome and Chrome OS browser/worker_host/message_port_dispatcher.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle certain postMessage calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code that creates a web worker. | 5.0 |
| 2010-11-05 | CVE-2010-3702 | Null Pointer Dereference vulnerability in multiple products The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference. network low complexity apple freedesktop xpdfreader fedoraproject opensuse suse debian redhat canonical CWE-476 | 7.5 |
| 2010-09-30 | CVE-2010-3079 | NULL Pointer Dereference vulnerability in multiple products kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cause a denial of service (NULL pointer dereference and outage of all function tracing files) via an lseek call on a file descriptor associated with the set_ftrace_filter file. | 5.5 |
| 2010-09-08 | CVE-2010-2960 | Null Pointer Dereference vulnerability in multiple products The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function. | 7.2 |
| 2010-09-08 | CVE-2010-2798 | NULL Pointer Dereference vulnerability in multiple products The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c. | 7.8 |
| 2010-09-08 | CVE-2009-4895 | NULL Pointer Dereference vulnerability in multiple products Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel before 2.6.32.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via unknown vectors, related to the put_tty_queue and __f_setown functions. | 4.7 |
| 2010-09-07 | CVE-2010-3251 | Null Pointer Dereference vulnerability in Google Chrome The WebSockets implementation in Google Chrome before 6.0.472.53 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. | 4.3 |
| 2010-05-19 | CVE-2010-1321 | Null Pointer Dereference vulnerability in multiple products The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing. | 6.8 |
| 2010-04-12 | CVE-2010-1148 | Null Pointer Dereference vulnerability in Linux Kernel The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a NULL nameidata (aka nd) field in a POSIX file-creation request to a server that supports UNIX extensions. | 4.7 |
| 2010-04-06 | CVE-2010-0751 | Null Pointer Dereference vulnerability in multiple products The ip_evictor function in ip_fragment.c in libnids before 1.24, as used in dsniff and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via crafted fragmented packets. | 5.0 |