Total
3482 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-21683 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2024-08-02 | 7.5 High |
| Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | ||||
| CVE-2023-21593 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-08-02 | 5.5 Medium |
| Adobe InDesign versions ID18.1 (and earlier) and ID17.4 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-21547 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-08-02 | 7.5 High |
| Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | ||||
| CVE-2023-20233 | 1 Cisco | 1 Ios Xr | 2024-08-02 | 4.3 Medium |
| A vulnerability in the Connectivity Fault Management (CFM) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incorrect processing of invalid continuity check messages (CCMs). An attacker could exploit this vulnerability by sending crafted CCMs to an affected device. A successful exploit could allow the attacker to cause the CFM service to crash when a user displays information about maintenance end points (MEPs) for peer MEPs on an affected device. | ||||
| CVE-2023-6397 | 2024-08-02 | 6.5 Medium | ||
| A null pointer dereference vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1 and USG FLEX series firmware versions from 4.50 through 5.37 Patch 1 could allow a LAN-based attacker to cause denial-of-service (DoS) conditions by downloading a crafted RAR compressed file onto a LAN-side host if the firewall has the “Anti-Malware” feature enabled. | ||||
| CVE-2023-5972 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2024-08-02 | 7 High |
| A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. This issue could allow a local user to crash the system or escalate their privileges on the system. | ||||
| CVE-2023-3358 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-08-02 | 5.5 Medium |
| A null pointer dereference was found in the Linux kernel's Integrated Sensor Hub (ISH) driver. This issue could allow a local user to crash the system. | ||||
| CVE-2023-3359 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 5.5 Medium |
| An issue was discovered in the Linux kernel brcm_nvram_parse in drivers/nvmem/brcm_nvram.c. Lacks for the check of the return value of kzalloc() can cause the NULL Pointer Dereference. | ||||
| CVE-2023-3338 | 4 Debian, Linux, Netapp and 1 more | 4 Debian Linux, Linux Kernel, Active Iq Unified Manager and 1 more | 2024-08-02 | 6.5 Medium |
| A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. This issue could allow a remote user to crash the system. | ||||
| CVE-2023-3357 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 5.5 Medium |
| A NULL pointer dereference flaw was found in the Linux kernel AMD Sensor Fusion Hub driver. This flaw allows a local user to crash the system. | ||||
| CVE-2023-3316 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2024-08-02 | 5.9 Medium |
| A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones. | ||||
| CVE-2023-3355 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-08-02 | 4.7 Medium |
| A NULL pointer dereference flaw was found in the Linux kernel's drivers/gpu/drm/msm/msm_gem_submit.c code in the submit_lookup_cmds function, which fails because it lacks a check of the return value of kmalloc(). This issue allows a local user to crash the system. | ||||
| CVE-2023-3354 | 3 Fedoraproject, Qemu, Redhat | 10 Fedora, Qemu, Advanced Virtualization and 7 more | 2024-08-02 | 7.5 High |
| A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service. | ||||
| CVE-2023-3220 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 5.5 Medium |
| An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check of the return value of kzalloc() and will cause the NULL Pointer Dereference. | ||||
| CVE-2023-3212 | 5 Debian, Fedoraproject, Linux and 2 more | 14 Debian Linux, Fedora, Linux Kernel and 11 more | 2024-08-02 | 4.4 Medium |
| A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic. | ||||
| CVE-2023-3012 | 1 Gpac | 1 Gpac | 2024-08-02 | 7.8 High |
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.2.2. | ||||
| CVE-2023-2953 | 4 Apple, Netapp, Openldap and 1 more | 17 Macos, Active Iq Unified Manager, Clustered Data Ontap and 14 more | 2024-08-02 | 7.5 High |
| A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function. | ||||
| CVE-2023-2872 | 1 Electronic | 1 Flexihub | 2024-08-02 | 5.5 Medium |
| A vulnerability classified as problematic has been found in FlexiHub 5.5.14691.0. This affects the function 0x220088 in the library fusbhub.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229851. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-2875 | 1 Escanav | 1 Escan Anti-virus | 2024-08-02 | 5.5 Medium |
| A vulnerability, which was classified as problematic, was found in eScan Antivirus 22.0.1400.2443. Affected is the function 0x22E008u in the library PROCOBSRVESX.SYS of the component IoControlCode Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. VDB-229854 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-2871 | 1 Fabulatech | 1 Usb For Remote Desktop | 2024-08-02 | 3.3 Low |
| A vulnerability was found in FabulaTech USB for Remote Desktop 6.1.0.0. It has been rated as problematic. Affected by this issue is the function 0x220448/0x220420/0x22040c/0x220408 of the component IoControlCode Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-229850 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||