CVE-2018-19876

cairo 1.16.0, in cairoftapplyvariations in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free: invalid pointer" error...

DEBIAN-CVE-2018-19797

In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::SelectorList::populateextends in SharedPtr.hpp used by ast.cpp and astselectors.cpp may cause a Denial of Service application crash via a crafted sass input file...

UBUNTU-CVE-2018-19149

Poppler before 0.70.0 has a NULL pointer dereference in popplerattachmentnew when called from popplerannotfileattachmentgetattachment...

CVE-2018-11359

In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference...

The vulnerability of the fimg2d driver for the Samsung Exynos 7420 Android operating system, which allows a hacker to compromise data confidentiality, integrity, and accessibility.

The vulnerability of the fimg2d driver for the Samsung Exynos 7420 Android operating system is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to compromise data confidentiality, integrity, and accessibility...

The vulnerability of the inftrees library’s Zlib component allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the inftrees.c component of the zlib library arises due to a calculation error related to pointers. Exploiting this vulnerability may allow an attacker, operating remotely, to cause unpredictable behavior in the program, which could lead to breaches of confidentiality,...

PT-2017-3183 · Bchunk +1 · Bchunk +1

Name of the Vulnerable Software and Affected Versions: bchunk versions 1.2.0 through 1.2.1 Description: The issue is related to pointer dereference errors. It can be exploited by a remote attacker using a specially crafted .cue file, potentially causing the application to crash. The problem arise...

ALPINE-CVE-2017-2784

An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a stack pointer leading to ...

The vulnerability of the Windows operating system, which allows a perpetrator to gain access to local files

The vulnerability of the Windows operating system’s server service is related to pointer assignment errors. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to local files using specially crafted SMBv2 or SMBv3 packets...

DEBIAN-CVE-2017-6501

An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference...

UBUNTU-CVE-2017-6298

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."...

Denial Of Service (DoS)

FFMpeg is vulnerable to a denial of service DoS attack. A malicious user can pass a malicious AVI file to the system, causing a null pointer error that can crash the application...

CVE-2016-7544

Crypto++ 5.6.4 incorrectly uses Microsoft's stack-based malloca and freea functions. The library will request a block of memory to align a table in memory. If the table is later reallocated, then the wrong pointer could be freed...

uninitialized random

libcurl's new internal function that returns a good 32-bit random value was implemented poorly and overwrote the pointer instead of writing the value into the buffer the pointer pointed to. This random value is used to generate nonces for Digest and NTLM authentication, for generating boundary...

The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information

The vulnerability of the secure-session function in the mm-video-v4l2 venc component of the Android operating system’s media server is related to incorrect handling of stack pointers. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain confidential informati...

UBUNTU-CVE-2016-1639

Use-after-free vulnerability in browser/extensions/api/webrtcaudioprivate/webrtcaudioprivateapi.cc in the WebRTC Audio Private API implementation in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging...

IBM Spectrum Scale and General Parallel File System Denial of Service Vulnerability

IBM Spectrum Scale and General Parallel File System GPFS are both products of IBM Corporation of the U.S.A. IBM GPFS is an enterprise file management system optimized for petabyte-scale storage management.IBM Spectrum Scale is a set of data and file management solutions based on IBM GPFS. IBM...

Wireshark DEC DNA Routing Protocol Handles Remote Denial of Service Vulnerability

Wireshark is an open source network protocol analysis tool. The setdnetaddress function in the Wireshark DEC DNA routing protocol 'packet-dec-dnart.c' handles data with a pointer error, which allows remote attackers to exploit vulnerabilities to construct malicious messages and trick users into...

Kernel: USB io_ti driver NULL pointer dereference in routine chase_port

The chaseport function in drivers/usb/serial/ioti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service NULL pointer dereference and system crash via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter...

Path traversal

The 1 publickeymakedss, 2 publickeymakersa, 3 signaturefromstring, 4 sshdosign, and 5 sshsignsessionid functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service crash via unspecified vectors...