Unchecked return value from xmlTextReaderExpand

Summary Nokogiri 1.13.8, 1.13.9 fails to check the return value from xmlTextReaderExpand in the method Nokogiri::XML::Readerattributehash. This can lead to a null pointer exception when invalid markup is being parsed. For applications using XML::Reader to parse untrusted inputs, this may...

CVE-2021-3319 DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses

DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses. Zephyr versions = v2.4.0 contain NULL Pointer Dereference CWE-476, Attempt to Access Child of a Non-structure Pointer CWE-588. For more information, see...

Genivia gSOAP WS-Addressing plugin denial-of-service vulnerability

Summary A denial-of-service vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Genivia gSOAP 2.8.107 Product UR...

Python.org CPython X509 certificate parsing denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using...

Null pointer dereference

libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards release v3.3.0 onwards contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archiveacl.c, archiveaclfromtextl that can result in Crash/DoS. This attack appear to be exploitable via the vict...