Search the Community

The Microsoft Windows kernel suffers from a null pointer dereference vulnerability in nt!MiOffsetToProtos while parsing a malformed PE file. View the full article

Microsoft DirectWrite / AFDKO suffers from a NULL pointer dereferences vulnerability in OpenType font handling while accessing empty dynarrays. View the full article

Netwide Assembler (NASM) version 2.14rc15 null pointer dereference proof of concept exploit. View the full article

NTPsec version 1.1.2 suffer from a null pointer dereference vulnerability in ntp_control. View the full article

Microsoft Edge version 44.17763.1.0 suffers from a null pointer dereference vulnerability. View the full article

Microsoft Internet Explorer 11 suffers from a null pointer dereference vulnerability in Tree::Notify_InvalidateDisplay. View the full article

Linux suffers from an issue with systemd where chown_one() can dereference symlinks. View the full article

This Metasploit module exploits an elevation of privilege vulnerability that exists in Windows 7 and 2008 R2 when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This Metasploit module is tested against windows 7 x86, windows 7 x64 and windows server 2008 R2 standard x64. View the full article