Total
4227 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-33223 | 1 Qualcomm | 24 Mdm8207, Mdm8207 Firmware, Mdm9205 and 21 more | 2024-11-21 | 7.5 High |
| Transient DOS in Modem due to null pointer dereference while processing the incoming packet with http chunked encoding. | ||||
| CVE-2022-32298 | 1 Toybox Project | 1 Toybox | 2024-11-21 | 7.5 High |
| Toybox v0.8.7 was discovered to contain a NULL pointer dereference via the component httpd.c. This vulnerability can lead to a Denial of Service (DoS) via unspecified vectors. | ||||
| CVE-2022-32230 | 1 Microsoft | 3 Windows 10, Windows 11, Windows Server 2019 | 2024-11-21 | 7.5 High |
| Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot. | ||||
| CVE-2022-32202 | 1 Libjpeg Project | 1 Libjpeg | 2024-11-21 | 5.5 Medium |
| In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp. | ||||
| CVE-2022-32201 | 1 Libjpeg Project | 1 Libjpeg | 2024-11-21 | 5.5 Medium |
| In libjpeg 1.63, there is a NULL pointer dereference in Component::SubXOf in component.hpp. | ||||
| CVE-2022-31763 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 5.5 Medium |
| The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability. | ||||
| CVE-2022-31681 | 1 Vmware | 2 Cloud Foundation, Esxi | 2024-11-21 | 6.5 Medium |
| VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host. | ||||
| CVE-2022-31618 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 5.5 Medium |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a null pointer, which may lead to denial of service. | ||||
| CVE-2022-31213 | 2 Dbus-broker Project, Redhat | 2 Dbus-broker, Enterprise Linux | 2024-11-21 | 7.5 High |
| An issue was discovered in dbus-broker before 31. Multiple NULL pointer dereferences can be found when supplying a malformed XML config file. | ||||
| CVE-2022-30975 | 3 Artifex, Debian, Fedoraproject | 3 Mujs, Debian Linux, Fedora | 2024-11-21 | 5.5 Medium |
| In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp. | ||||
| CVE-2022-30592 | 1 Litespeedtech | 1 Lsquic | 2024-11-21 | 9.8 Critical |
| liblsquic/lsquic_qenc_hdl.c in LiteSpeed QUIC (aka LSQUIC) before 3.1.0 mishandles MAX_TABLE_CAPACITY. | ||||
| CVE-2022-30279 | 1 Stormshield | 1 Stormshield Network Security | 2024-11-21 | 7.5 High |
| An issue was discovered in Stormshield Network Security (SNS) 4.3.x before 4.3.8. The event logging of the ASQ sofbus lacbus plugin triggers the dereferencing of a NULL pointer, leading to a crash of SNS. An attacker could exploit this vulnerability via forged sofbus lacbus traffic to cause a firmware crash. | ||||
| CVE-2022-2980 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259. | ||||
| CVE-2022-2928 | 4 Debian, Fedoraproject, Isc and 1 more | 4 Debian Linux, Fedora, Dhcp and 1 more | 2024-11-21 | 6.5 Medium |
| In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort. | ||||
| CVE-2022-2923 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240. | ||||
| CVE-2022-2874 | 1 Vim | 1 Vim | 2024-11-21 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224. | ||||
| CVE-2022-2832 | 2 Blender, Redhat | 2 Blender, Openshift Sandboxed Containers | 2024-11-21 | 7.5 High |
| A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to loss of confidentiality and integrity. | ||||
| CVE-2022-2549 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to v2.1.0-DEV. | ||||
| CVE-2022-2476 | 2 Fedoraproject, Wavpack | 2 Fedora, Wavpack | 2024-11-21 | 5.5 Medium |
| A null pointer dereference bug was found in wavpack-5.4.0 The results from the ASAN log: AddressSanitizer:DEADLYSIGNAL ===================================================================84257==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x561b47a970c6 bp 0x7fff13952fb0 sp 0x7fff1394fca0 T0) ==84257==The signal is caused by a WRITE memory access. ==84257==Hint: address points to the zero page. #0 0x561b47a970c5 in main cli/wvunpack.c:834 #1 0x7efc4f5c0082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) #2 0x561b47a945ed in _start (/usr/local/bin/wvunpack+0xa5ed) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV cli/wvunpack.c:834 in main ==84257==ABORTING | ||||
| CVE-2022-2309 | 4 Fedoraproject, Lxml, Redhat and 1 more | 4 Fedora, Lxml, Enterprise Linux and 1 more | 2024-11-21 | 7.5 High |
| NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered. | ||||