VYPR

CWE-476

NULL Pointer Dereference

BaseStableLikelihood: Medium

Description

The product dereferences a pointer that it expects to be valid but is NULL.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (1,587)

page 35 of 80
  • CVE-2016-9440MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9438MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9434MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9430MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9117MedOct 30, 2016
    risk 0.42cvss 6.5epss 0.02

    NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

  • CVE-2016-9116MedOct 30, 2016
    risk 0.42cvss 6.5epss 0.02

    NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

  • CVE-2013-4119HigOct 3, 2016
    risk 0.42cvss 7.5epss 0.04

    FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by disconnecting before authentication has finished.

  • CVE-2013-4118HigOct 3, 2016
    risk 0.42cvss 7.5epss 0.04

    FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.

  • CVE-2016-6504MedAug 6, 2016
    risk 0.42cvss 5.9epss 0.07

    epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wireshark 1.12.x before 1.12.13 does not properly maintain a ptvc data structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.

  • CVE-2016-4605MedJul 22, 2016
    risk 0.42cvss 6.5epss 0.02

    Calendar in Apple iOS before 9.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted invitation.

  • CVE-2016-1811MedMay 20, 2016
    risk 0.42cvss 6.5epss 0.02

    ImageIO in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.

  • CVE-2011-2482HigJun 8, 2013
    risk 0.42cvss 7.5epss 0.04

    A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet.

  • CVE-2025-70102MedJun 15, 2026
    risk 0.41cvss 6.3epss 0.00

    A NULL pointer dereference occurs in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 while parsing configuration options. In parse_option() (src/if-options.c:1886), the code performs a member access on a NULL pointer of type 'struct dhcp_opt' when an unexpected/invalid option…

  • CVE-2024-22099MedJan 25, 2024
    risk 0.41cvss 6.3epss 0.01

    NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2.

  • CVE-2022-38096MedSep 9, 2022
    risk 0.41cvss 6.3epss 0.01

    A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege,…

  • CVE-2018-0833MedFeb 15, 2018
    risk 0.41cvss 5.3epss 0.41

    The Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client in Windows 8.1 and RT 8.1 and Windows Server 2012 R2 allows a denial of service vulnerability due to how specially crafted requests are handled, aka "SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability".

  • CVE-2017-15102MedNov 15, 2017
    risk 0.41cvss 6.3epss 0.00

    The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and…

  • CVE-2026-20771MedMay 12, 2026
    risk 0.40cvss 6.1epss 0.00

    Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of…

  • CVE-2026-28985MedMay 11, 2026
    risk 0.40cvss 6.2epss 0.00

    A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to cause a denial-of-service.

  • CVE-2026-22722MedFeb 26, 2026
    risk 0.40cvss 6.1epss 0.00

    A malicious actor with authenticated user privileges on a Windows based Workstation host may be able to cause a null pointer dereference error. To Remediate CVE-2026-22722, apply the patches listed in the "Fixed version" column of the 'Response Matrix'