Export limit exceeded: 16271 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 335283 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (5166 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-41208 | 1 Google | 1 Tensorflow | 2024-11-21 | 8.8 High |
| TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service (via dereferencing `nullptr`s or via `CHECK`-failures) as well as abuse undefined behavior (binding references to `nullptr`s). An attacker can also read and write from heap buffers, depending on the API that gets used and the arguments that are passed to the call. Given that the boosted trees implementation in TensorFlow is unmaintained, it is recommend to no longer use these APIs. We will deprecate TensorFlow's boosted trees APIs in subsequent releases. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. | ||||
| CVE-2021-40944 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| In GPAC MP4Box 1.1.0, there is a Null pointer reference in the function gf_filter_pid_get_packet function in src/filter_core/filter_pid.c:5394, as demonstrated by GPAC. This can cause a denial of service (DOS). | ||||
| CVE-2021-40943 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 5.5 Medium |
| In Bento4 1.6.0-638, there is a null pointer reference in the function AP4_DescriptorListInspector::Action function in Ap4Descriptor.h:124 , as demonstrated by GPAC. This can cause a denial of service (DOS). | ||||
| CVE-2021-40826 | 2 Clementine-player, Microsoft | 2 Clementine, Windows | 2024-11-21 | 7.8 High |
| Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation, affecting the MP3 file parsing functionality at clementine+0x3aa207. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is mishandled by Clementine. Attackers could exploit this issue to cause a crash (DoS) of the clementine.exe process or achieve arbitrary code execution in the context of the current logged-in Windows user. | ||||
| CVE-2021-40576 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the gf_isom_get_payt_count function in hint_track.c, which allows attackers to cause a denial of service. | ||||
| CVE-2021-40575 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the mpgviddmx_process function in reframe_mpgvid.c, which allows attackers to cause a denial of service. This vulnerability is possibly due to an incomplete fix for CVE-2021-40566. | ||||
| CVE-2021-40565 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in av_parsers.c when using mp4box, which causes a denial of service. | ||||
| CVE-2021-40564 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service. | ||||
| CVE-2021-40563 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| A Segmentation fault exists casued by null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config function in reframe_nalu.c when using mp4box, which causes a denial of service. | ||||
| CVE-2021-40559 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| A null pointer deference vulnerability exists in gpac through 1.0.1 via the naludmx_parse_nal_avc function in reframe_nalu, which allows a denail of service. | ||||
| CVE-2021-40266 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | 6.5 Medium |
| FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerabile to null pointer dereference. | ||||
| CVE-2021-40264 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | 6.5 Medium |
| NULL pointer dereference vulnerability in FreeImage before 1.18.0 via the FreeImage_CloneTag function inFreeImageTag.cpp. | ||||
| CVE-2021-40039 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.5 High |
| There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity. | ||||
| CVE-2021-40031 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.5 High |
| There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity. | ||||
| CVE-2021-40018 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 7.5 High |
| The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | ||||
| CVE-2021-3739 | 3 Fedoraproject, Linux, Netapp | 18 Fedora, Linux Kernel, H300e and 15 more | 2024-11-21 | 7.1 High |
| A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-3671 | 3 Debian, Netapp, Samba | 5 Debian Linux, Management Services For Element Software, Management Services For Netapp Hci and 2 more | 2024-11-21 | 6.5 Medium |
| A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server. | ||||
| CVE-2021-3659 | 3 Fedoraproject, Linux, Redhat | 17 Fedora, Linux Kernel, Codeready Linux Builder and 14 more | 2024-11-21 | 5.5 Medium |
| A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-3607 | 3 Debian, Fedoraproject, Qemu | 3 Debian Linux, Fedora, Qemu | 2024-11-21 | 6.0 Medium |
| An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest due to improper input validation. This flaw allows a privileged guest user to make QEMU allocate a large amount of memory, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-3596 | 4 Debian, Fedoraproject, Imagemagick and 1 more | 4 Debian Linux, Fedora, Imagemagick and 1 more | 2024-11-21 | 6.5 Medium |
| A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault. | ||||