CVE-2018-4040

An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker must convince a...

Null pointer dereference

All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by null pointer dereference vulnerability, which may allows an attacker to cause a denial of service via appviahttp service...

GNU Binutils Binary File Descriptor library 'elf_link_input_bfd' function null pointer dereference vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

Security update for Mozilla Firefox (important)

This update for Mozilla Firefox to version 60.2.2esr contains the following security fixes MFSA 2018-24: - CVE-2018-12386: Type confusion in JavaScript allowed remote code execution bsc1110506 - CVE-2018-12387: Array.prototype.push stack pointer vulnerability may enable exploits in the sandboxed...

Design/Logic Flaw

An exploitable uninitialized pointer vulnerability exists in the Office Open XML parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted document can cause an uninitialized pointer representing a TTableRow to be assigned to a variable on the stack. This variable is later...

SUSE-SU-2018:2236-1 Security update for libcdio

This update for libcdio fixes the following issues: The following security vulnerabilities were addressed: - CVE-2017-18199: Fixed a NULL pointer dereference in reallocsymlink in rock.c bsc1082821 - CVE-2017-18201: Fixed a double free vulnerability in getcdtextgeneric in cdiogeneric.c bsc1082877 ...

CVE-2018-5030

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user...

Poppler Null Pointer Dereference Vulnerability

Poppler is a C++ class library for generating PDF, the library is inherited from Xpdf PDF reader. A security vulnerability exists in the 'AnnotPath::getCoordsLength' function in the Annot.h file of the Ubuntu package in Poppler version 0.24.5. A remote attacker can exploit this vulnerability with...

Design/Logic Flaw

An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An...

KLA11237 Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF

Multiple serious vulnerabilities have been found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An unsafe DLL loading...

Huawei H323 Protocol Null Pointer Reference Vulnerability in Various Products

AR120-S, AR1200, DP300, RSE6500, Secospace USG6300, ViewPoint 8660 are all network equipment from Huawei China. A null pointer reference vulnerability exists in the H323 protocol of several Huawei products, which allows an attacker to send malformed messages to the affected devices without...

Huawei Multiple Products H323 Protocol Null Pointer Reference Vulnerability (CNVD-2018-08041)

AR120-S, AR1200, DP300, RSE6500, Secospace USG6300, ViewPoint 8660 are all network equipment from Huawei China. A null pointer reference vulnerability exists in the H323 protocol of various Huawei products, which allows an attacker to send malformed messages to the affected devices without...

SUSE-SU-2018:0864-1 Security update for GraphicsMagick

This update for GraphicsMagick fixes several issues. These security issues were fixed: - CVE-2017-11524: The WriteBlob function allowed remote attackers to cause a denial of service assertion failure and application exit via a crafted file bsc1050087 - CVE-2017-16353: Prevent memory information...

SUSE-SU-2018:0858-1 Security update for graphite2

This update for graphite2 fixes the following issues: - CVE-2018-7999: Fixed a NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of serivce bsc1084850...

Design/Logic Flaw

Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2...

CVE-2017-17133

Huawei VP9660 V500R002C10 has a null pointer reference vulnerability in license module due to insufficient verification. An authenticated local attacker could place a malicious license file into system which cause memory null pointer accessing and related processing crash. The attacker can exploi...

CVE-2017-17135

PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...

CVE-2017-17133

Huawei VP9660 V500R002C10 has a null pointer reference vulnerability in license module due to insufficient verification. An authenticated local attacker could place a malicious license file into system which cause memory null pointer accessing and related processing crash. The attacker can exploi...

Null pointer reference vulnerability in WPS Office 2016 demo pptxrw module

WPS office is an office software suite independently developed by Kingsoft Corporation. A null pointer reference vulnerability exists in the pptxrw module of the WPS presentation wpp.exe in WPS when parsing a specific pptx file, which can be exploited by an attacker to cause a denial of service...

SoftZone office demo prone to null pointer reference vulnerability

SoftZone Office RZoffice is an office software, which is compatible with MS Office and consists of three parts: word processing, spreadsheet and presentation. RZoffice Presentations.exe has a null pointer reference vulnerability when handling special ppt files. An attacker can exploit the...