Total
3485 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-36130 | 1 Aomedia | 1 Aomedia | 2024-08-04 | 6.5 Medium |
| AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1_dx_iface.c. | ||||
| CVE-2020-35981 | 1 Gpac | 1 Gpac | 2024-08-04 | 7.8 High |
| An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function SetupWriters() in isomedia/isom_store.c. | ||||
| CVE-2020-35982 | 1 Gpac | 1 Gpac | 2024-08-04 | 7.8 High |
| An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function gf_hinter_track_finalize() in media_tools/isom_hinter.c. | ||||
| CVE-2020-35907 | 1 Rust-lang | 1 Futures-task | 2024-08-04 | 5.5 Medium |
| An issue was discovered in the futures-task crate before 0.3.5 for Rust. futures_task::noop_waker_ref allows a NULL pointer dereference. | ||||
| CVE-2020-35860 | 1 Cbox Project | 1 Cbox | 2024-08-04 | 9.8 Critical |
| An issue was discovered in the cbox crate through 2020-03-19 for Rust. The CBox API allows dereferencing raw pointers without a requirement for unsafe code. | ||||
| CVE-2020-35680 | 2 Fedoraproject, Opensmtpd | 2 Fedora, Opensmtpd | 2024-08-04 | 7.5 High |
| smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted pattern of client activity, because the filter state machine does not properly maintain the I/O channel between the SMTP engine and the filters layer. | ||||
| CVE-2020-35668 | 2 Redhat, Redislabs | 2 Acm, Redisgraph | 2024-08-04 | 7.5 High |
| RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that leads to a server crash because it mishandles an unquoted string, such as an alias that has not yet been introduced. | ||||
| CVE-2020-35503 | 2 Fedoraproject, Qemu | 2 Fedora, Qemu | 2024-08-04 | 6.0 Medium |
| A NULL pointer dereference flaw was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU in versions before and including 6.0. This issue occurs in the megasas_command_cancelled() callback function while dropping a SCSI request. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2020-35538 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2024-08-04 | 5.5 Medium |
| A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo. | ||||
| CVE-2020-35495 | 4 Broadcom, Fedoraproject, Gnu and 1 more | 9 Brocade Fabric Operating System Firmware, Fedora, Binutils and 6 more | 2024-08-04 | 5.5 Medium |
| There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34. | ||||
| CVE-2020-35496 | 4 Broadcom, Fedoraproject, Gnu and 1 more | 9 Brocade Fabric Operating System Firmware, Fedora, Binutils and 6 more | 2024-08-04 | 5.5 Medium |
| There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34. | ||||
| CVE-2020-35525 | 2 Redhat, Sqlite | 2 Enterprise Linux, Sqlite | 2024-08-04 | 7.5 High |
| In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing. | ||||
| CVE-2020-35450 | 1 Gobby Project | 1 Gobby | 2024-08-04 | 7.5 High |
| Gobby 0.4.11 allows a NULL pointer dereference in the D-Bus handler for certain set_language calls. | ||||
| CVE-2020-35507 | 4 Broadcom, Gnu, Netapp and 1 more | 9 Brocade Fabric Operating System, Binutils, Cloud Backup and 6 more | 2024-08-04 | 5.5 Medium |
| There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. | ||||
| CVE-2020-35505 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-08-04 | 4.4 Medium |
| A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2020-35504 | 3 Debian, Fedoraproject, Qemu | 3 Debian Linux, Fedora, Qemu | 2024-08-04 | 6.0 Medium |
| A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2020-35499 | 1 Linux | 1 Linux Kernel | 2024-08-04 | 6.7 Medium |
| A NULL pointer dereference flaw in Linux kernel versions prior to 5.11 may be seen if sco_sock_getsockopt function in net/bluetooth/sco.c do not have a sanity check for a socket connection, when using BT_SNDMTU/BT_RCVMTU for SCO sockets. This could allow a local attacker with a special user privilege to crash the system (DOS) or leak kernel internal information. | ||||
| CVE-2020-35471 | 1 Envoyproxy | 1 Envoy | 2024-08-04 | 7.5 High |
| Envoy before 1.16.1 mishandles dropped and truncated datagrams, as demonstrated by a segmentation fault for a UDP packet size larger than 1500. | ||||
| CVE-2020-29652 | 2 Golang, Redhat | 4 Ssh, Container Native Virtualization, Enterprise Linux and 1 more | 2024-08-04 | 7.5 High |
| A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers. | ||||
| CVE-2020-29571 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2024-08-04 | 6.2 Medium |
| An issue was discovered in Xen through 4.14.x. A bounds check common to most operation time functions specific to FIFO event channels depends on the CPU observing consistent state. While the producer side uses appropriately ordered writes, the consumer side isn't protected against re-ordered reads, and may hence end up de-referencing a NULL pointer. Malicious or buggy guest kernels can mount a Denial of Service (DoS) attack affecting the entire system. Only Arm systems may be vulnerable. Whether a system is vulnerable depends on the specific CPU. x86 systems are not vulnerable. | ||||