Use of NullPointerException Catch to Detect NULL Pointer Dereference in Pymongo

bson/cbsonmodule.c in the mongo-python-driver aka. pymongo before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service NULL pointer dereference and crash via vectors related to decoding of an "invalid DBRef."...

GHSA-9G8W-PJPR-PRR4 Path Traversal in io.hawt:project

hawtio before versions 2.0-beta-1, 2.0-beta-2, 2.0-m1, 2.0-m2, 2.0-m3, and 1.5 are vulnerable to a path traversal that leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information from within hawtio's root...

Path Traversal in io.hawt:project

hawtio before versions 2.0-beta-1, 2.0-beta-2, 2.0-m1, 2.0-m2, 2.0-m3, and 1.5 are vulnerable to a path traversal that leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information from within hawtio's root...

Security Bulletin: A vulnerability in Java SE affects IBM Control Center (CVE-2021-35578)

Summary A maliciously crafted TLS 1.3 ClientHello packet can trigger a NullPointerException and an SSLException instead ofbeing rejected gracefully. The fix ensures that the invalid data is rejected gracefully. Vulnerability Details CVEID: CVE-2021-35578 DESCRIPTION: An unspecified vulnerability ...

SUSE: Security Advisory (SUSE-SU-2020:2861-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Adding an extra forward slash '/' in the download attachment URL results in a stack trace.

h3. Issue Summary Adding an extra forward slash '/' in the download attachment URL results in a stack trace. h3. Steps to Reproduce Append an extra slash to a download attachment URL, similar to this: code:java http://:///download/attachments code h3. Expected Results A 'page not found', 404 or...

SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2020:3460-1)

This update for java-180-openjdk fixes the following issues : Fix regression '8250861: Crash in MinINode::IdealPhaseGVN, bool', introduced in October 2020 CPU. Update to version jdk8u272 icedtea 3.17.0 July 2020 CPU, bsc1174157, and October 2020 CPU, bsc1177943 - New features + JDK-8245468: Add...

openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2020-2083)

This update for java-180-openjdk fixes the following issues : - Fix regression '8250861: Crash in MinINode::IdealPhaseGVN, bool', introduced in October 2020 CPU. - Update to version jdk8u272 icedtea 3.17.0 July 2020 CPU, bsc1174157, and October 2020 CPU, bsc1177943 - New features + JDK-8245468: A...

Security update for java-1_8_0-openjdk (moderate)

openSUSE Security Update: Security update for java-180-openjdk Announcement ID: openSUSE-SU-2020:2083-1 Rating: moderate References: 1174157 1177943 Cross-References: CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621...

Security update for java-1_8_0-openjdk (moderate)

openSUSE Security Update: Security update for java-180-openjdk Announcement ID: openSUSE-SU-2020:2048-1 Rating: moderate References: 1174157 1177943 Cross-References: CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621...

SUSE-SU-2020:3191-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: - Fix regression '8250861: Crash in MinINode::IdealPhaseGVN, bool', introduced in October 2020 CPU. - Update to version jdk8u272 icedtea 3.17.0 July 2020 CPU, bsc1174157, and October 2020 CPU, bsc1177943 New features + JDK-8245468: Add...

CVE-2020-13659

addressspacemap in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer...

CVE-2017-18658

An issue was discovered on Samsung mobile devices with M6.0 software. The multiwindowfacade API allows attackers to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 August 2017...

CVE-2017-18663

An issue was discovered on Samsung mobile devices with N7.x software. Because of missing Intent exception handling, systemserver can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 July 2017...

CVE-2017-18658

An issue was discovered on Samsung mobile devices with M6.0 software. The multiwindowfacade API allows attackers to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 August 2017...

CVE-2017-18663

An issue was discovered on Samsung mobile devices with N7.x software. Because of missing Intent exception handling, systemserver can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 July 2017...

Code injection

An issue was discovered on Samsung mobile devices with M6.0 software. The multiwindowfacade API allows attackers to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 August 2017...

CVE-2017-18658

An issue was discovered on Samsung mobile devices with M6.0 software. The multiwindowfacade API allows attackers to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 August 2017...

CVE-2017-18663

An issue was discovered on Samsung mobile devices with N7.x software. Because of missing Intent exception handling, systemserver can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 July 2017...

CVE-2017-18663

CVE-2017-18663 affects Samsung mobile devices running N(7.x). Root cause: missing Intent exception handling causes a NullPointerException in system_server, potentially crashing a system process. Samsung identifiers: SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, SVE-2017-9126 (July 2017). Connected...