Vulnerabilities > Release of Invalid Pointer or Reference

DATE CVE VULNERABILITY TITLE RISK
2022-06-16 CVE-2022-31625 Release of Invalid Pointer or Reference vulnerability in multiple products
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers.
network
high complexity
php debian CWE-763
8.1
2022-02-11 CVE-2022-24958 Release of Invalid Pointer or Reference vulnerability in multiple products
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.
local
low complexity
linux fedoraproject netapp debian CWE-763
7.8
2022-01-31 CVE-2021-40042 Release of Invalid Pointer or Reference vulnerability in Huawei products
There is a release of invalid pointer vulnerability in some Huawei products, successful exploit may cause the process and service abnormal.
network
low complexity
huawei CWE-763
6.5
2021-12-22 CVE-2021-45261 Release of Invalid Pointer or Reference vulnerability in GNU Patch 2.7
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.
local
low complexity
gnu CWE-763
5.5
2021-11-17 CVE-2021-3939 Release of Invalid Pointer or Reference vulnerability in Canonical Accountsservice and Ubuntu Linux
Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.patch) caused the fallback_locale variable, pointing to static storage, to be freed, in the user_change_language_authorized_cb function.
local
low complexity
canonical CWE-763
7.8
2021-11-15 CVE-2021-42377 Release of Invalid Pointer or Reference vulnerability in multiple products
An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string.
network
low complexity
busybox fedoraproject netapp CWE-763
critical
9.8
2021-11-15 CVE-2020-12963 Release of Invalid Pointer or Reference vulnerability in AMD Radeon Software 20.7.1
An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the system.
local
low complexity
amd CWE-763
7.8
2021-09-19 CVE-2021-41073 Release of Invalid Pointer or Reference vulnerability in multiple products
loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation.
local
low complexity
linux debian fedoraproject netapp CWE-763
7.8
2021-08-05 CVE-2021-28216 Release of Invalid Pointer or Reference vulnerability in Tianocore EDK II
BootPerformanceTable pointer is read from an NVRAM variable in PEI.
local
low complexity
tianocore CWE-763
7.8
2021-07-01 CVE-2020-36404 Release of Invalid Pointer or Reference vulnerability in Keystone-Engine Keystone 0.9.2
Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::~SmallVectorImpl.
local
low complexity
keystone-engine CWE-763
7.8