Vulnerabilities > Release of Invalid Pointer or Reference

DATE CVE VULNERABILITY TITLE RISK
2023-06-01 CVE-2023-34312 Release of Invalid Pointer or Reference vulnerability in Tencent QQ and TIM
In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition.
local
low complexity
tencent CWE-763
7.8
2023-05-25 CVE-2023-0459 Release of Invalid Pointer or Reference vulnerability in Linux Kernel
Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user().
local
low complexity
linux CWE-763
5.5
2023-04-24 CVE-2023-31082 Release of Invalid Pointer or Reference vulnerability in Linux Kernel 6.2
An issue was discovered in drivers/tty/n_gsm.c in the Linux kernel 6.2.
local
low complexity
linux CWE-763
5.5
2023-04-16 CVE-2020-27545 Release of Invalid Pointer or Reference vulnerability in Libdwarf Project Libdwarf
libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object.
network
low complexity
libdwarf-project CWE-763
6.5
2023-03-19 CVE-2022-48425 Release of Invalid Pointer or Reference vulnerability in Linux Kernel
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs.
local
low complexity
linux CWE-763
7.8
2023-02-14 CVE-2023-25565 Release of Invalid Pointer or Reference vulnerability in Gss-Ntlmssp Project Gss-Ntlmssp
GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication.
network
low complexity
gss-ntlmssp-project CWE-763
7.5
2023-01-09 CVE-2022-25725 Release of Invalid Pointer or Reference vulnerability in Qualcomm products
Denial of service in MODEM due to improper pointer handling
local
low complexity
qualcomm CWE-763
5.5
2022-11-01 CVE-2022-42309 Release of Invalid Pointer or Reference vulnerability in multiple products
Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage.
local
low complexity
xen debian fedoraproject CWE-763
8.8
2022-10-19 CVE-2022-41691 Release of Invalid Pointer or Reference vulnerability in F5 Big-Ip Application Security Manager
When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.
network
low complexity
f5 CWE-763
7.5
2022-09-19 CVE-2022-28203 Release of Invalid Pointer or Reference vulnerability in multiple products
A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2.
network
low complexity
mediawiki debian CWE-763
7.5