Total
3468 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-2547 | 1 Softing | 6 Edgeaggregator, Edgeconnector, Opc and 3 more | 2024-08-03 | 7.5 High |
| A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22. | ||||
| CVE-2022-2476 | 2 Fedoraproject, Wavpack | 2 Fedora, Wavpack | 2024-08-03 | 5.5 Medium |
| A null pointer dereference bug was found in wavpack-5.4.0 The results from the ASAN log: AddressSanitizer:DEADLYSIGNAL ===================================================================84257==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x561b47a970c6 bp 0x7fff13952fb0 sp 0x7fff1394fca0 T0) ==84257==The signal is caused by a WRITE memory access. ==84257==Hint: address points to the zero page. #0 0x561b47a970c5 in main cli/wvunpack.c:834 #1 0x7efc4f5c0082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) #2 0x561b47a945ed in _start (/usr/local/bin/wvunpack+0xa5ed) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV cli/wvunpack.c:834 in main ==84257==ABORTING | ||||
| CVE-2022-2337 | 1 Softing | 6 Edgeaggregator, Edgeconnector, Opc and 3 more | 2024-08-03 | 7.5 High |
| A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22. | ||||
| CVE-2022-2309 | 4 Fedoraproject, Lxml, Redhat and 1 more | 4 Fedora, Lxml, Enterprise Linux and 1 more | 2024-08-03 | 7.5 High |
| NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered. | ||||
| CVE-2022-2279 | 1 Libmobi Project | 1 Libmobi | 2024-08-03 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository bfabiszewski/libmobi prior to 0.11. | ||||
| CVE-2022-2231 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-08-03 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2208 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-08-03 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. | ||||
| CVE-2022-2153 | 4 Debian, Fedoraproject, Linux and 1 more | 4 Debian Linux, Fedora, Linux Kernel and 1 more | 2024-08-03 | 5.5 Medium |
| A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service. | ||||
| CVE-2022-2085 | 2 Artifex, Fedoraproject | 2 Ghostscript, Fedora | 2024-08-03 | 5.5 Medium |
| A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a prototype that depends upon the number of bits per pixel. For bpp > 64, mem_x_device is used and does not have an init_device_procs defined. This flaw allows an attacker to parse a large number of bits (more than 64 bits per pixel), which triggers a NULL pointer dereference flaw, causing an application to crash. | ||||
| CVE-2022-1852 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2024-08-03 | 5.5 Medium |
| A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU. | ||||
| CVE-2022-1748 | 1 Softing | 6 Edgeaggregator, Edgeconnector, Opc and 3 more | 2024-08-03 | 7.5 High |
| Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability. | ||||
| CVE-2022-1789 | 4 Debian, Fedoraproject, Linux and 1 more | 7 Debian Linux, Fedora, Linux Kernel and 4 more | 2024-08-03 | 6.8 Medium |
| With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference. | ||||
| CVE-2022-1725 | 2 Apple, Vim | 2 Macos, Vim | 2024-08-03 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. | ||||
| CVE-2022-1674 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-08-03 | 5.5 Medium |
| NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. | ||||
| CVE-2022-1649 | 1 Radare | 1 Radare2 | 2024-08-03 | 5.5 Medium |
| Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/476.html). | ||||
| CVE-2022-1671 | 2 Linux, Netapp | 11 Linux Kernel, H300s, H300s Firmware and 8 more | 2024-08-03 | 7.1 High |
| A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information. | ||||
| CVE-2022-1620 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-08-03 | 7.5 High |
| NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input. | ||||
| CVE-2022-1516 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-08-03 | 5.5 Medium |
| A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system. | ||||
| CVE-2022-1507 | 2 Chafa Project, Fedoraproject | 2 Chafa, Fedora | 2024-08-03 | 5.5 Medium |
| chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. in GitHub repository hpjansson/chafa prior to 1.10.2. chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. | ||||
| CVE-2022-1341 | 1 Bwm-ng Project | 1 Bwm-ng | 2024-08-03 | 7.5 High |
| An issue was discovered in in bwm-ng v0.6.2. An arbitrary null write exists in get_cmdln_options() function in src/options.c. | ||||