CWE-395
Use of NullPointerException Catch to Detect NULL Pointer Dereference
BaseDraft
Description
Catching NullPointerException should not be used as an alternative to programmatic checks to prevent dereferencing a null pointer.
Hierarchy (View 1000)
CVEs mapped to this weakness (5)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-36275 | Med | 0.40 | 6.1 | 0.00 | Nov 13, 2024 | NULL pointer dereference in some Intel(R) Optane(TM) PMem Management software versions before CR_MGMT_02.00.00.4040, CR_MGMT_03.00.00.0499 may allow a authenticated user to potentially enable denial of service via local access. | |
| CVE-2023-23904 | Med | 0.40 | 6.1 | 0.00 | Sep 16, 2024 | NULL pointer dereference in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |
| CVE-2023-41082 | Med | 0.29 | 4.4 | 0.00 | May 16, 2024 | Null pointer dereference for some Intel(R) CST software before version 2.1.10300 may allow an authenticated user to potentially enable denial of service via local access. | |
| CVE-2023-48727 | Low | 0.21 | 3.3 | 0.00 | May 16, 2024 | NULL pointer dereference in some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2024-28030 | Low | 0.14 | 2.2 | 0.00 | Nov 13, 2024 | NULL pointer dereference in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable denial of service via local access. |