CWE-476
NULL Pointer Dereference
Description
The product dereferences a pointer that it expects to be valid but is NULL.
Hierarchy (View 1000)
CVEs mapped to this weakness (1,587)
page 10 of 80| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-0348 | Hig | 0.51 | 7.8 | 0.00 | May 9, 2017 | All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges. | ||
| CVE-2017-0341 | Hig | 0.51 | 7.8 | 0.00 | May 9, 2017 | All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where user provided input can trigger an access to a pointer that has not been initialized which may lead to denial of service or… | ||
| CVE-2017-0546 | Hig | 0.51 | 7.8 | 0.01 | Apr 7, 2017 | An elevation of privilege vulnerability in SurfaceFlinger could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which… | ||
| CVE-2016-5870 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2017 | The msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c in the ipc_router component for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (NULL… | ||
| CVE-2017-7374 | Hig | 0.51 | 7.8 | 0.01 | Mar 31, 2017 | Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic… | ||
| CVE-2017-2647 | Hig | 0.51 | 7.8 | 0.00 | Mar 31, 2017 | The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in… | ||
| CVE-2017-6298 | Hig | 0.51 | 7.8 | 0.01 | Feb 24, 2017 | An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked." | ||
| CVE-2016-4780 | Hig | 0.51 | 7.8 | 0.01 | Feb 20, 2017 | An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "Thunderbolt" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. | ||
| CVE-2016-4678 | Hig | 0.51 | 7.8 | 0.00 | Feb 20, 2017 | An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "AppleSMC" component. It allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. | ||
| CVE-2017-0323 | Hig | 0.51 | 7.8 | 0.00 | Feb 15, 2017 | All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges. | ||
| CVE-2017-0315 | Hig | 0.51 | 7.8 | 0.00 | Feb 15, 2017 | All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an attempt to access an invalid object pointer may lead to denial of service or potential escalation of privileges. | ||
| CVE-2016-7080 | Hig | 0.51 | 7.8 | 0.00 | Dec 29, 2016 | The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7079. | ||
| CVE-2016-7079 | Hig | 0.51 | 7.8 | 0.00 | Dec 29, 2016 | The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7080. | ||
| CVE-2016-8814 | Hig | 0.51 | 7.8 | 0.00 | Dec 16, 2016 | All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, leading to denial of service or potential escalation of privileges. | ||
| CVE-2016-8813 | Hig | 0.51 | 7.8 | 0.00 | Dec 16, 2016 | All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, leading to denial of service or potential escalation of privileges. | ||
| CVE-2016-9313 | Hig | 0.51 | 7.8 | 0.02 | Nov 28, 2016 | security/keys/big_key.c in the Linux kernel before 4.8.7 mishandles unsuccessful crypto registration in conjunction with successful key-type registration, which allows local users to cause a denial of service (NULL pointer dereference and panic) or possibly have unspecified… | ||
| CVE-2016-7052 | Hig | 0.51 | 7.5 | 0.30 | Sep 26, 2016 | crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation. | ||
| CVE-2016-4777 | Hig | 0.51 | 7.8 | 0.02 | Sep 25, 2016 | The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (invalid pointer dereference) via a crafted app. | ||
| CVE-2016-4724 | Hig | 0.51 | 7.8 | 0.01 | Sep 25, 2016 | IOAcceleratorFamily in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. | ||
| CVE-2016-4696 | Hig | 0.51 | 7.8 | 0.01 | Sep 25, 2016 | AppleEFIRuntime in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. |
- risk 0.51cvss 7.8epss 0.00
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges.
- risk 0.51cvss 7.8epss 0.00
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where user provided input can trigger an access to a pointer that has not been initialized which may lead to denial of service or…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in SurfaceFlinger could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which…
- risk 0.51cvss 7.8epss 0.00
The msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c in the ipc_router component for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (NULL…
- risk 0.51cvss 7.8epss 0.01
Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic…
- risk 0.51cvss 7.8epss 0.00
The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in…
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "Thunderbolt" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
- risk 0.51cvss 7.8epss 0.00
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "AppleSMC" component. It allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
- risk 0.51cvss 7.8epss 0.00
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges.
- risk 0.51cvss 7.8epss 0.00
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an attempt to access an invalid object pointer may lead to denial of service or potential escalation of privileges.
- risk 0.51cvss 7.8epss 0.00
The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7079.
- risk 0.51cvss 7.8epss 0.00
The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7080.
- risk 0.51cvss 7.8epss 0.00
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, leading to denial of service or potential escalation of privileges.
- risk 0.51cvss 7.8epss 0.00
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, leading to denial of service or potential escalation of privileges.
- risk 0.51cvss 7.8epss 0.02
security/keys/big_key.c in the Linux kernel before 4.8.7 mishandles unsuccessful crypto registration in conjunction with successful key-type registration, which allows local users to cause a denial of service (NULL pointer dereference and panic) or possibly have unspecified…
- risk 0.51cvss 7.5epss 0.30
crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.
- risk 0.51cvss 7.8epss 0.02
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (invalid pointer dereference) via a crafted app.
- risk 0.51cvss 7.8epss 0.01
IOAcceleratorFamily in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
- risk 0.51cvss 7.8epss 0.01
AppleEFIRuntime in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.