Total
3482 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-24756 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-08-02 | 5.5 Medium |
| libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | ||||
| CVE-2023-24758 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-08-02 | 5.5 Medium |
| libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | ||||
| CVE-2023-24754 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-08-02 | 5.5 Medium |
| libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | ||||
| CVE-2023-24752 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-08-02 | 5.5 Medium |
| libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | ||||
| CVE-2023-24755 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-08-02 | 5.5 Medium |
| libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_weighted_pred_8_fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | ||||
| CVE-2023-24751 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-08-02 | 6.5 Medium |
| libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | ||||
| CVE-2023-23006 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 5.5 Medium |
| In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | ||||
| CVE-2023-23108 | 1 Crasm Project | 1 Crasm | 2024-08-02 | 7.5 High |
| In crasm 1.8-3, invalid input validation, specific files passed to the command line application, can lead to a NULL pointer dereference in the function Xasc. | ||||
| CVE-2023-23087 | 1 Mojojson Project | 1 Mojojson | 2024-08-02 | 9.8 Critical |
| An issue was found in MojoJson v1.2.3 allows attackers to execute arbitary code via the destroy function. | ||||
| CVE-2023-23001 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 5.5 Medium |
| In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | ||||
| CVE-2023-23004 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 5.5 Medium |
| In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | ||||
| CVE-2023-22999 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 5.5 Medium |
| In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3_qcom_create_urs_usb_platdev return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | ||||
| CVE-2023-22997 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 5.5 Medium |
| In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the module_get_next_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | ||||
| CVE-2023-23000 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 5.5 Medium |
| In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used. | ||||
| CVE-2023-23002 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 5.5 Medium |
| In the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | ||||
| CVE-2023-22839 | 1 F5 | 66 Big-ip 10000s, Big-ip 10000s Firmware, Big-ip 10200v and 63 more | 2024-08-02 | 7.5 High |
| On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2023-22341 | 1 F5 | 1 Big-ip Access Policy Manager | 2024-08-02 | 7.5 High |
| On version 14.1.x before 14.1.5.3, and all versions of 13.1.x, when the BIG-IP APM system is configured with all the following elements, undisclosed requests may cause the Traffic Management Microkernel (TMM) to terminate: * An OAuth Server that references an OAuth Provider * An OAuth profile with the Authorization Endpoint set to '/' * An access profile that references the above OAuth profile and is associated with an HTTPS virtual server Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2023-22340 | 1 F5 | 12 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 9 more | 2024-08-02 | 7.5 High |
| On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2023-21758 | 1 Microsoft | 13 Windows 10, Windows 10 1507, Windows 10 1607 and 10 more | 2024-08-02 | 7.5 High |
| Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | ||||
| CVE-2023-21757 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2024-08-02 | 7.5 High |
| Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability | ||||