Total
3475 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-30403 | 2024-08-02 | 6.5 Medium | ||
| A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When Layer 2 traffic is sent through a logical interface, MAC learning happens. If during this process, the interface flaps, an Advanced Forwarding Toolkit manager (evo-aftmand-bt) core is observed. This leads to a PFE restart. The crash reoccurs if the same sequence of events happens, which will lead to a sustained DoS condition. This issue affects Juniper Networks Junos OS Evolved 23.2-EVO versions earlier than 23.2R1-S1-EVO, 23.2R2-EVO. | ||||
| CVE-2024-30295 | 1 Adobe | 1 Animate | 2024-08-02 | 7.8 High |
| Animate versions 24.0.2, 23.0.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-30285 | 1 Adobe | 1 Audition | 2024-08-02 | 5.5 Medium |
| Audition versions 24.2, 23.6.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service condition. An attacker could exploit this vulnerability to crash the application, leading to a denial of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-30030 | 1 Microsoft | 3 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 | 2024-08-02 | 7.8 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2024-27978 | 1 Ivanti | 1 Avalanche | 2024-08-02 | N/A |
| A Null Pointer Dereference vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows an authenticated remote attacker to perform denial of service attacks. | ||||
| CVE-2024-26342 | 1 Asus | 1 Ac68u | 2024-08-02 | 7.5 High |
| A Null pointer dereference in usr/sbin/httpd in ASUS AC68U 3.0.0.4.384.82230 allows remote attackers to trigger DoS via network packet. | ||||
| CVE-2024-25560 | 2024-08-01 | 7.5 High | ||
| When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2024-25454 | 1 Axiosys | 1 Bento4 | 2024-08-01 | 5.5 Medium |
| Bento4 v1.6.0-640 was discovered to contain a NULL pointer dereference via the AP4_DescriptorFinder::Test() function. | ||||
| CVE-2024-25260 | 2024-08-01 | 4.0 Medium | ||
| elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c. | ||||
| CVE-2024-24989 | 2024-08-01 | 7.5 High | ||
| When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3 https://nginx.org/en/docs/quic.html . NOTE: Software versions which have reached End of Technical Support (EoTS) are not evaluated | ||||
| CVE-2024-24991 | 2024-08-01 | N/A | ||
| A Null Pointer Dereference vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows an authenticated remote attacker to perform denial of service attacks. | ||||
| CVE-2024-24860 | 1 Linux | 1 Linux Kernel | 2024-08-01 | 4.6 Medium |
| A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. | ||||
| CVE-2024-24864 | 1 Linux | 1 Linux Kernel | 2024-08-01 | 5.3 Medium |
| A race condition was found in the Linux kernel's media/dvb-core in dvbdmx_write() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. | ||||
| CVE-2024-24855 | 1 Linux | 1 Linux Kernel | 2024-08-01 | 5 Medium |
| A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. | ||||
| CVE-2024-24856 | 2024-08-01 | 5.3 Medium | ||
| The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee a successful allocation, but the subsequent code directly dereferences the pointer that receives it, which may lead to null pointer dereference. To fix this issue, a null pointer check should be added. If it is null, return exception code AE_NO_MEMORY. | ||||
| CVE-2024-23078 | 2024-08-01 | 9.1 Critical | ||
| JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification. | ||||
| CVE-2024-23800 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-08-01 | 3.3 Low |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted SPP files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | ||||
| CVE-2024-23799 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-08-01 | 3.3 Low |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted SPP files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | ||||
| CVE-2024-23808 | 2024-08-01 | 5.2 Medium | ||
| in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer dereference. | ||||
| CVE-2024-23801 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-08-01 | 3.3 Low |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted SPP files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | ||||