Vulnerabilities > Release of Invalid Pointer or Reference
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-06 | CVE-2022-37451 | Release of Invalid Pointer or Reference vulnerability in multiple products Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc. | 7.5 |
| 2022-06-16 | CVE-2022-31625 | Release of Invalid Pointer or Reference vulnerability in multiple products In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. | 8.1 |
| 2022-02-11 | CVE-2022-24958 | Release of Invalid Pointer or Reference vulnerability in multiple products drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release. | 7.8 |
| 2022-01-31 | CVE-2021-40042 | Release of Invalid Pointer or Reference vulnerability in Huawei products There is a release of invalid pointer vulnerability in some Huawei products, successful exploit may cause the process and service abnormal. | 6.5 |
| 2021-12-22 | CVE-2021-45261 | Release of Invalid Pointer or Reference vulnerability in GNU Patch 2.7 An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service. | 5.5 |
| 2021-11-17 | CVE-2021-3939 | Release of Invalid Pointer or Reference vulnerability in Canonical Accountsservice and Ubuntu Linux Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.patch) caused the fallback_locale variable, pointing to static storage, to be freed, in the user_change_language_authorized_cb function. | 7.8 |
| 2021-11-15 | CVE-2021-42377 | Release of Invalid Pointer or Reference vulnerability in multiple products An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. | 9.8 |
| 2021-11-15 | CVE-2020-12963 | Release of Invalid Pointer or Reference vulnerability in AMD Radeon Software 20.7.1 An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the system. | 7.8 |
| 2021-09-19 | CVE-2021-41073 | Release of Invalid Pointer or Reference vulnerability in multiple products loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation. | 7.8 |
| 2021-08-05 | CVE-2021-28216 | Release of Invalid Pointer or Reference vulnerability in Tianocore EDK II BootPerformanceTable pointer is read from an NVRAM variable in PEI. | 7.8 |