VYPR

CWE-476

NULL Pointer Dereference

BaseStableLikelihood: Medium

Description

The product dereferences a pointer that it expects to be valid but is NULL.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (1,587)

page 34 of 80
  • CVE-2017-5937MedMar 15, 2017
    risk 0.42cvss 6.5epss 0.00

    The util_format_is_pure_uint function in vrend_renderer.c in Virgil 3d project (aka virglrenderer) 0.6.0 and earlier allows local guest OS users to cause a denial of service (NULL pointer dereference) via a crafted VIRGL_CCMD_CLEAR command.

  • CVE-2017-6210MedMar 15, 2017
    risk 0.42cvss 6.5epss 0.00

    The vrend_decode_reset function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (NULL pointer dereference and QEMU process crash) by destroying context 0 (zero).

  • CVE-2016-10250HigMar 15, 2017
    risk 0.42cvss 7.5epss 0.04

    The jp2_colr_destroy function in jp2_cod.c in JasPer before 1.900.13 allows remote attackers to cause a denial of service (NULL pointer dereference) by leveraging incorrect cleanup of JP2 box data on error. NOTE: this vulnerability exists because of an incomplete fix for…

  • CVE-2016-10248HigMar 15, 2017
    risk 0.42cvss 7.5epss 0.04

    The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) via vectors involving an empty sequence.

  • CVE-2016-10189HigMar 14, 2017
    risk 0.42cvss 7.5epss 0.04

    BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list.

  • CVE-2016-7627MedFeb 20, 2017
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "CoreGraphics" component. It allows attackers to cause a denial of service (NULL pointer dereference and…

  • CVE-2016-5037MedFeb 17, 2017
    risk 0.42cvss 6.5epss 0.03

    The _dwarf_load_section function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.

  • CVE-2016-5030MedFeb 17, 2017
    risk 0.42cvss 6.5epss 0.03

    The _dwarf_calculate_info_section_end_ptr function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.

  • CVE-2016-5029MedFeb 17, 2017
    risk 0.42cvss 6.5epss 0.03

    The create_fullest_file_path function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted dwarf file.

  • CVE-2016-5028MedFeb 17, 2017
    risk 0.42cvss 6.5epss 0.03

    The print_frame_inst_bytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via an object file with empty bss-like sections.

  • CVE-2016-10162HigJan 24, 2017
    risk 0.42cvss 7.5epss 0.06

    The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an inapplicable class name in a wddxPacket XML document, leading to…

  • CVE-2016-9631MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9629MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9628MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9624MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9623MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9622MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9443MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9441MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9440MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.