Vulnerabilities > Release of Invalid Pointer or Reference

DATE CVE VULNERABILITY TITLE RISK
2023-04-16 CVE-2020-27545 Release of Invalid Pointer or Reference vulnerability in Libdwarf Project Libdwarf
libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object.
network
low complexity
libdwarf-project CWE-763
6.5
2023-03-19 CVE-2022-48425 Release of Invalid Pointer or Reference vulnerability in Linux Kernel
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs.
local
low complexity
linux CWE-763
7.8
2023-02-14 CVE-2023-25565 Release of Invalid Pointer or Reference vulnerability in Gss-Ntlmssp Project Gss-Ntlmssp
GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication.
network
low complexity
gss-ntlmssp-project CWE-763
7.5
2023-01-09 CVE-2022-25725 Release of Invalid Pointer or Reference vulnerability in Qualcomm products
Denial of service in MODEM due to improper pointer handling
local
low complexity
qualcomm CWE-763
5.5
2022-11-01 CVE-2022-42309 Release of Invalid Pointer or Reference vulnerability in multiple products
Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage.
local
low complexity
xen debian fedoraproject CWE-763
8.8
2022-09-19 CVE-2022-28203 Release of Invalid Pointer or Reference vulnerability in multiple products
A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2.
network
low complexity
mediawiki debian CWE-763
7.5
2022-08-25 CVE-2020-27797 Release of Invalid Pointer or Reference vulnerability in UPX Project UPX 4.0.0
An invalid memory address reference was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
local
low complexity
upx-project CWE-763
5.5
2022-08-25 CVE-2020-27798 Release of Invalid Pointer or Reference vulnerability in UPX Project UPX 4.0.0
An invalid memory address reference was discovered in the adjABS function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
local
low complexity
upx-project CWE-763
5.5
2022-08-06 CVE-2022-37451 Release of Invalid Pointer or Reference vulnerability in multiple products
Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc.
network
low complexity
exim fedoraproject CWE-763
7.5
2022-06-16 CVE-2022-31625 Release of Invalid Pointer or Reference vulnerability in multiple products
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers.
network
high complexity
php debian CWE-763
8.1