VYPR

CWE-476

NULL Pointer Dereference

BaseStableLikelihood: Medium

Description

The product dereferences a pointer that it expects to be valid but is NULL.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (1,587)

page 24 of 80
  • CVE-2021-3449MedMar 25, 2021
    risk 0.43cvss 5.9epss 0.63

    An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a…

  • CVE-2018-17000MedSep 13, 2018
    risk 0.43cvss 6.5epss 0.03

    A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp.

  • CVE-2018-14404MedJul 19, 2018
    risk 0.43cvss 6.5epss 0.04

    A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2…

  • CVE-2018-10373MedApr 25, 2018
    risk 0.43cvss 6.5epss 0.03

    concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by nm-new.

  • CVE-2017-18199MedFeb 24, 2018
    risk 0.43cvss 6.5epss 0.03

    realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.

  • CVE-2016-10708HigJan 21, 2018
    risk 0.43cvss 7.5epss 0.16

    sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

  • CVE-2017-9608MedDec 27, 2017
    risk 0.43cvss 6.5epss 0.05

    The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted mov file.

  • CVE-2017-16647MedNov 7, 2017
    risk 0.43cvss 6.6epss 0.00

    drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.

  • CVE-2017-16646MedNov 7, 2017
    risk 0.43cvss 6.6epss 0.00

    drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (BUG and system crash) or possibly have unspecified other impact via a crafted USB device.

  • CVE-2017-16537MedNov 4, 2017
    risk 0.43cvss 6.6epss 0.00

    The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.

  • CVE-2017-16536MedNov 4, 2017
    risk 0.43cvss 6.6epss 0.00

    The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.

  • CVE-2017-16532MedNov 4, 2017
    risk 0.43cvss 6.6epss 0.00

    The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.

  • CVE-2017-7522MedJun 27, 2017
    risk 0.43cvss 6.5epss 0.06

    OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.

  • CVE-2017-9216MedMay 24, 2017
    risk 0.43cvss 6.5epss 0.03

    libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid file.

  • CVE-2016-9559MedMar 1, 2017
    risk 0.43cvss 6.5epss 0.04

    coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.

  • CVE-2015-8916MedSep 20, 2016
    risk 0.43cvss 6.5epss 0.03

    bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file.

  • CVE-2016-3120MedAug 1, 2016
    risk 0.43cvss 6.5epss 0.05

    The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows remote authenticated users to…

  • CVE-2016-6292MedJul 25, 2016
    risk 0.43cvss 6.5epss 0.04

    The exif_process_user_comment function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image.

  • CVE-2013-6954MedJan 12, 2014
    risk 0.43cvss 6.5epss 0.05

    The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.

  • CVE-2011-2691MedJul 17, 2011
    risk 0.43cvss 6.5epss 0.04

    The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service…