Total
3814 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-8762 | 1 Freeradius | 1 Freeradius | 2024-11-21 | N/A |
| The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet. | ||||
| CVE-2015-8750 | 1 Libdwarf Project | 1 Libdwarf | 2024-11-21 | 6.5 Medium |
| libdwarf 20151114 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a debug_abbrev section marked NOBITS in an ELF file. | ||||
| CVE-2015-8722 | 1 Wireshark | 1 Wireshark | 2024-11-21 | N/A |
| epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet. | ||||
| CVE-2015-8630 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2024-11-21 | N/A |
| The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functions in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by specifying KADM5_POLICY with a NULL policy name. | ||||
| CVE-2015-8592 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not validated prior to being dereferenced potentially resulting in Guest-OS memory corruption. | ||||
| CVE-2015-8551 | 4 Debian, Linux, Opensuse and 1 more | 8 Debian Linux, Linux Kernel, Opensuse and 5 more | 2024-11-21 | 6.0 Medium |
| The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks." | ||||
| CVE-2015-8543 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt | 2024-11-21 | 7.0 High |
| The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application. | ||||
| CVE-2015-8324 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A |
| The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference and panic) via a crafted USB device, related to the ext4_fill_super function. | ||||
| CVE-2015-8272 | 1 Rtmpdump Project | 1 Rtmpdump | 2024-11-21 | N/A |
| RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash). | ||||
| CVE-2015-8270 | 1 Rtmpdump Project | 1 Rtmpdump | 2024-11-21 | N/A |
| The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a denial of service (invalid pointer dereference and process crash). | ||||
| CVE-2015-7990 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937. | ||||
| CVE-2015-7977 | 9 Canonical, Debian, Fedoraproject and 6 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2024-11-21 | 5.9 Medium |
| ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command. | ||||
| CVE-2015-7833 | 2 Novell, Redhat | 2 Suse Linux Enterprise Real Time Extension, Enterprise Linux | 2024-11-21 | N/A |
| The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor. | ||||
| CVE-2015-7803 | 3 Apple, Php, Redhat | 3 Mac Os X, Php, Rhel Software Collections | 2024-11-21 | N/A |
| The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that does not exist. | ||||
| CVE-2015-7799 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call. | ||||
| CVE-2015-7566 | 2 Linux, Novell | 5 Linux Kernel, Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Real Time Extension and 2 more | 2024-11-21 | N/A |
| The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint. | ||||
| CVE-2015-7550 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls. | ||||
| CVE-2015-7549 | 1 Qemu | 1 Qemu | 2024-11-21 | N/A |
| The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method. | ||||
| CVE-2015-7516 | 1 Onosproject | 1 Onos | 2024-11-21 | N/A |
| ONOS before 1.5.0 when using the ifwd app allows remote attackers to cause a denial of service (NULL pointer dereference and switch disconnect) by sending two Ethernet frames with ether_type Jumbo Frame (0x8870). | ||||
| CVE-2015-7515 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.6 Medium |
| The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel before 4.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints. | ||||