CWE-476
NULL Pointer Dereference
Description
The product dereferences a pointer that it expects to be valid but is NULL.
Hierarchy (View 1000)
CVEs mapped to this weakness (1,587)
page 14 of 80| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-30195 | Hig | 0.49 | 7.5 | 0.01 | Apr 7, 2025 | An attacker can publish a zone containing specific Resource Record Sets. Processing and caching results for these sets can lead to an illegal memory accesses and crash of the Recursor, causing a denial of service. The remedy is: upgrade to the patched 5.2.1 version. We would… | ||
| CVE-2025-24177 | Hig | 0.49 | 7.5 | 0.01 | Jan 27, 2025 | A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker on the local network may be able to cause a denial-of-service. | ||
| CVE-2024-24442 | Hig | 0.49 | 7.5 | 0.00 | Jan 21, 2025 | A NULL pointer dereference in the ngap_app::handle_receive routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP message. | ||
| CVE-2025-0430 | Hig | 0.49 | 7.5 | 0.00 | Jan 17, 2025 | Belledonne Communications Linphone-Desktop is vulnerable to a NULL Dereference vulnerability, which could allow a remote attacker to create a denial-of-service condition. | ||
| CVE-2024-43357 | — | Hig | 0.49 | 8.6 | 0.01 | Aug 15, 2024 | ECMA-262 is the language specification for the scripting language ECMAScript. A problem in the ECMAScript (JavaScript) specification of async generators, introduced by a May 2021 spec refactor, may lead to mis-implementation in a way that could present as a security… | |
| CVE-2024-39130 | — | Hig | 0.49 | 7.5 | 0.00 | Jun 27, 2024 | A NULL Pointer Dereference discovered in DumpTS v0.1.0-nightly allows attackers to cause a denial of service via the function DumpOneStream() at /src/DumpStream.cpp. | |
| CVE-2024-24194 | Hig | 0.49 | 7.5 | 0.00 | Jun 6, 2024 | robdns commit d76d2e6 was discovered to contain a NULL pointer dereference via the item->tokens component at /src/conf-parse.c. | ||
| CVE-2024-35492 | Hig | 0.49 | 7.5 | 0.01 | May 29, 2024 | Cesanta Mongoose commit b316989 was discovered to contain a NULL pointer dereference via the scpy function at src/fmt.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MQTT packet. | ||
| CVE-2023-51391 | Hig | 0.49 | 7.5 | 0.01 | Apr 16, 2024 | A bug in Micrium OS Network HTTP Server permits an invalid pointer dereference during header processing - potentially allowing a device crash and Denial of Service. | ||
| CVE-2023-0401 | Hig | 0.49 | 7.5 | 0.02 | Feb 8, 2023 | A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest… | ||
| CVE-2023-0217 | Hig | 0.49 | 7.5 | 0.02 | Feb 8, 2023 | An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted… | ||
| CVE-2023-0216 | Hig | 0.49 | 7.5 | 0.02 | Feb 8, 2023 | An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service… | ||
| CVE-2021-42521 | Hig | 0.49 | 7.5 | 0.01 | Aug 25, 2022 | There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that… | ||
| CVE-2021-41497 | — | Hig | 0.49 | 7.5 | 0.01 | Dec 17, 2021 | Null pointer reference in CMS_Conservative_increment_obj in RaRe-Technologies bounter version 1.01 and 1.10, allows attackers to conduct Denial of Service attacks by inputting a huge width of hash bucket. | |
| CVE-2021-22792 | Hig | 0.49 | 7.5 | 0.01 | Sep 2, 2021 | A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all… | ||
| CVE-2021-29241 | Hig | 0.49 | 7.5 | 0.01 | May 3, 2021 | CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS). | ||
| CVE-2021-28307 | — | Hig | 0.49 | 7.5 | 0.01 | Mar 12, 2021 | An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a non-raster image for a window icon. | |
| CVE-2021-28306 | — | Hig | 0.49 | 7.5 | 0.01 | Mar 12, 2021 | An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a multi label type if the image is nonexistent. | |
| CVE-2021-25904 | — | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | An issue was discovered in the av-data crate before 0.3.0 for Rust. A raw pointer is dereferenced, leading to a read of an arbitrary memory address, sometimes causing a segfault. | |
| CVE-2021-25903 | — | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | An issue was discovered in the cache crate through 2021-01-01 for Rust. A raw pointer is dereferenced. |
- risk 0.49cvss 7.5epss 0.01
An attacker can publish a zone containing specific Resource Record Sets. Processing and caching results for these sets can lead to an illegal memory accesses and crash of the Recursor, causing a denial of service. The remedy is: upgrade to the patched 5.2.1 version. We would…
- risk 0.49cvss 7.5epss 0.01
A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker on the local network may be able to cause a denial-of-service.
- risk 0.49cvss 7.5epss 0.00
A NULL pointer dereference in the ngap_app::handle_receive routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP message.
- risk 0.49cvss 7.5epss 0.00
Belledonne Communications Linphone-Desktop is vulnerable to a NULL Dereference vulnerability, which could allow a remote attacker to create a denial-of-service condition.
- risk 0.49cvss 8.6epss 0.01
ECMA-262 is the language specification for the scripting language ECMAScript. A problem in the ECMAScript (JavaScript) specification of async generators, introduced by a May 2021 spec refactor, may lead to mis-implementation in a way that could present as a security…
- risk 0.49cvss 7.5epss 0.00
A NULL Pointer Dereference discovered in DumpTS v0.1.0-nightly allows attackers to cause a denial of service via the function DumpOneStream() at /src/DumpStream.cpp.
- risk 0.49cvss 7.5epss 0.00
robdns commit d76d2e6 was discovered to contain a NULL pointer dereference via the item->tokens component at /src/conf-parse.c.
- risk 0.49cvss 7.5epss 0.01
Cesanta Mongoose commit b316989 was discovered to contain a NULL pointer dereference via the scpy function at src/fmt.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MQTT packet.
- risk 0.49cvss 7.5epss 0.01
A bug in Micrium OS Network HTTP Server permits an invalid pointer dereference during header processing - potentially allowing a device crash and Denial of Service.
- risk 0.49cvss 7.5epss 0.02
A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest…
- risk 0.49cvss 7.5epss 0.02
An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted…
- risk 0.49cvss 7.5epss 0.02
An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service…
- risk 0.49cvss 7.5epss 0.01
There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that…
- risk 0.49cvss 7.5epss 0.01
Null pointer reference in CMS_Conservative_increment_obj in RaRe-Technologies bounter version 1.01 and 1.10, allows attackers to conduct Denial of Service attacks by inputting a huge width of hash bucket.
- risk 0.49cvss 7.5epss 0.01
A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all…
- risk 0.49cvss 7.5epss 0.01
CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a non-raster image for a window icon.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a multi label type if the image is nonexistent.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in the av-data crate before 0.3.0 for Rust. A raw pointer is dereferenced, leading to a read of an arbitrary memory address, sometimes causing a segfault.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in the cache crate through 2021-01-01 for Rust. A raw pointer is dereferenced.