WPS Presentation Null Pointer Reference Vulnerability

WPS Office is an office software suite developed independently by Kingsoft Corporation. WPS Presentation wpp.exe in WPS has a null pointer reference vulnerability when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service...

CVE-2017-12678

In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file...

CVE-2017-13065

GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c...

CVE-2017-9680

CVE-2017-9680 affects Qualcomm components used in Android CAF builds running the Linux kernel. The issue occurs when a pointer argument from userspace is invalid, and a driver may use an uninitialized structure to log an error message. The connected documents confirm the affected stack is Qualcom...

Null pointer dereference

In all Qualcomm products with Android releases from CAF using the Linux kernel, an audio client pointer is dereferenced before being checked if it is valid...

Kernel pool overflow exploit combat of Windows 10-bug warning-the black bar safety net

One, Foreword This is the kernel pool overflow exploit combat of Windows 7 throughout the sequel, we will be in the Windows 10 system to achieve the same exploits, it will be more challenging because of Microsoft ever since Windows 8 has taken a lot for the kernel pool attacks defenses. This...

CVE-2017-10965

An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer...

Null pointer dereference

In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM...

CVE-2015-9027

In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM...

CVE-2015-9027

In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM...

CVE-2015-9000

In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel...

CVE-2017-2784

An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a stack pointer leading to ...

Design/Logic Flaw

An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a stack pointer leading to ...

CVE-2017-2784

An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a stack pointer leading to ...

PoDoFo 'PoDoFo::PdfXObject::PdfXObject' function null pointer reference denial of service vulnerability

PoDoFo is an open source , written in C++ using the PDF file format library . A null pointer reference vulnerability exists in PoDoFo's 'PoDoFo::PdfXObject::PdfXObject' function. Allows a remote attacker to construct a malicious file and trick the user into parsing it, which can crash the...

ytnef null pointer reference vulnerability

ytnef is an application library for extracting data from winmail.dat files. A null pointer reference vulnerability exists in ytnef. A remote attacker could exploit this vulnerability to construct a malicious file that could be parsed by the user, which could crash the application...

ZZIPlib 'zzip_mem_entry_new' NULL Pointer Reference Denial of Service Vulnerability

ZZIPlib is a lightweight used to extract files from the ZIP file to read the C language package , but also can be used to compress multiple files into zip format , using the zlib library development . ZZIPlib NULL pointer reference denial of service vulnerability. An attacker could exploit this...

Debian DLA-688-1 : cairo security update

It was discovered that there was a possible DoS attack in Cairo, a multi-platform library providing vector-based rendering. An SVG could generate invalid pointers from a cairoimagesurface in writepng. For Debian 7 'Wheezy', this issue has been fixed in cairo version 1.12.2-3+deb7u1. We recommend...

JasPer null pointer back-reference vulnerability (CNVD-2016-10308)

JasPer is a Canadian software developer Michael Adams developed an open source implementation of the JPEG-2000 codec. A null pointer back-reference vulnerability exists in the JasPer function jpcpidestroy, which can be exploited by an attacker to crash an application and deny service to legitimat...

Security update for php5 (important)

This update for php5 fixes the following security issues: CVE-2016-7411: Memory corruption when destructing deserialized object CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNEDFLAG in BIT field CVE-2016-7413: Use after free in wddxdeserialize CVE-2016-7414: Out of bounds heap...