VYPR

CWE-395

Use of NullPointerException Catch to Detect NULL Pointer Dereference

BaseDraft

Description

Catching NullPointerException should not be used as an alternative to programmatic checks to prevent dereferencing a null pointer.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (6)

  • CVE-2024-36275MedNov 13, 2024
    risk 0.40cvss 6.1epss 0.00

    NULL pointer dereference in some Intel(R) Optane(TM) PMem Management software versions before CR_MGMT_02.00.00.4040, CR_MGMT_03.00.00.0499 may allow a authenticated user to potentially enable denial of service via local access.

  • CVE-2023-23904MedSep 16, 2024
    risk 0.40cvss 6.1epss 0.00

    NULL pointer dereference in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2023-41082MedMay 16, 2024
    risk 0.29cvss 4.4epss 0.00

    Null pointer dereference for some Intel(R) CST software before version 2.1.10300 may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2023-48727LowMay 16, 2024
    risk 0.21cvss 3.3epss 0.00

    NULL pointer dereference in some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2024-28030LowNov 13, 2024
    risk 0.14cvss 2.2epss 0.00

    NULL pointer dereference in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2013-2132Aug 15, 2013
    risk 0.00cvss epss 0.03

    bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef."