CVE-2022-24810

HIGH Year: 2022
CVSS v3 Score
8.8
High
Weakness Type
CWE-476
View all →

Vulnerability Description

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.

Related Vulnerabilities

CVE-2016-3616

HIGH
CVSS:8.8(High)

The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.

CWE-4762016

CVE-2017-0321

HIGH
CVSS:8.8(High)

All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potent...

CWE-4762017

CVE-2017-11096

HIGH
CVSS:8.8(High)

When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_DeleteFilter() function in lib/modules/swffilter.c.

CWE-4762017

CVE-2017-11097

HIGH
CVSS:8.8(High)

When SWFTools 0.9.2 processes a crafted file in swfc, it can lead to a NULL Pointer Dereference in the dict_lookup() function in lib/q.c.

CWE-4762017

CVE-2017-11100

HIGH
CVSS:8.8(High)

When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead to a NULL Pointer Dereference in the swf_FoldSprite() function in lib/rxfswf.c.

CWE-4762017

CVE-2017-11101

HIGH
CVSS:8.8(High)

When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_Relocate() function in lib/modules/swftools.c.

CWE-4762017