CWE-395
Use of NullPointerException Catch to Detect NULL Pointer Dereference
Description
Catching NullPointerException should not be used as an alternative to programmatic checks to prevent dereferencing a null pointer.
Hierarchy (View 1000)
CVEs mapped to this weakness (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-36275 | Med | 0.40 | 6.1 | 0.00 | Nov 13, 2024 | NULL pointer dereference in some Intel(R) Optane(TM) PMem Management software versions before CR_MGMT_02.00.00.4040, CR_MGMT_03.00.00.0499 may allow a authenticated user to potentially enable denial of service via local access. | ||
| CVE-2023-23904 | Med | 0.40 | 6.1 | 0.00 | Sep 16, 2024 | NULL pointer dereference in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | ||
| CVE-2023-41082 | Med | 0.29 | 4.4 | 0.00 | May 16, 2024 | Null pointer dereference for some Intel(R) CST software before version 2.1.10300 may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2023-48727 | Low | 0.21 | 3.3 | 0.00 | May 16, 2024 | NULL pointer dereference in some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2024-28030 | Low | 0.14 | 2.2 | 0.00 | Nov 13, 2024 | NULL pointer dereference in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2013-2132 | 0.00 | — | 0.03 | Aug 15, 2013 | bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef." |
- risk 0.40cvss 6.1epss 0.00
NULL pointer dereference in some Intel(R) Optane(TM) PMem Management software versions before CR_MGMT_02.00.00.4040, CR_MGMT_03.00.00.0499 may allow a authenticated user to potentially enable denial of service via local access.
- risk 0.40cvss 6.1epss 0.00
NULL pointer dereference in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
- risk 0.29cvss 4.4epss 0.00
Null pointer dereference for some Intel(R) CST software before version 2.1.10300 may allow an authenticated user to potentially enable denial of service via local access.
- risk 0.21cvss 3.3epss 0.00
NULL pointer dereference in some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable information disclosure via local access.
- risk 0.14cvss 2.2epss 0.00
NULL pointer dereference in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2013-2132Aug 15, 2013risk 0.00cvss —epss 0.03
bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef."