VYPR

CWE-476

NULL Pointer Dereference

BaseStableLikelihood: Medium

Description

The product dereferences a pointer that it expects to be valid but is NULL.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (1,587)

page 38 of 80
  • CVE-2023-28827MedSep 10, 2024
    risk 0.38cvss 5.9epss 0.00

    A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl.…

  • CVE-2024-33600MedMay 6, 2024
    risk 0.38cvss 5.9epss 0.01

    nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was…

  • CVE-2017-11063MedOct 10, 2017
    risk 0.38cvss 5.9epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, as a result of a race condition between two userspace processes that interact with the driver concurrently, a null pointer dereference can potentially occur.

  • CVE-2015-8762MedMar 27, 2017
    risk 0.38cvss 5.9epss 0.02

    The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet.

  • CVE-2025-24179MedApr 29, 2025
    risk 0.37cvss 5.7epss 0.00

    A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3. An attacker on the local network may be able to cause…

  • CVE-2025-55663MedJun 15, 2026
    risk 0.36cvss 5.5epss 0.00

    A segmentation violation in the Track_SetStreamDescriptor function (isomedia/track.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.

  • CVE-2025-55649MedJun 15, 2026
    risk 0.36cvss 5.5epss 0.00

    A NULL pointer dereference in the gf_media_map_esd function (media_tools/isom_tools.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.

  • CVE-2025-55643MedJun 15, 2026
    risk 0.36cvss 5.5epss 0.00

    A NULL pointer dereference in the TrackWriter handling component (filters/mux_isom.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.

  • CVE-2025-55641MedJun 15, 2026
    risk 0.36cvss 5.5epss 0.00

    A NULL pointer dereference in the gf_isom_copy_sample_info function (isomedia/isom_write.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.

  • CVE-2025-7018MedJun 12, 2026
    risk 0.36cvss 5.5epss 0.00

    Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.64.

  • CVE-2025-55651MedJun 9, 2026
    risk 0.36cvss 5.5epss 0.00

    A NULL pointer dereference in the gf_isom_get_user_data_count function (isomedia/isom_read.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.

  • CVE-2026-34704MedJun 9, 2026
    risk 0.36cvss 5.5epss 0.00

    InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition.…

  • CVE-2026-34703MedJun 9, 2026
    risk 0.36cvss 5.5epss 0.00

    InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition.…

  • CVE-2026-47335MedMay 28, 2026
    risk 0.36cvss 5.5epss 0.00

    Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel panic.

  • CVE-2026-9759MedMay 27, 2026
    risk 0.36cvss 5.5epss 0.00

    ROHC protocol dissector crash in Wireshark 4.6.0 to 4.6.5 and 4.4.0 to 4.4.15 allows denial of service

  • CVE-2026-7450MedMay 26, 2026
    risk 0.36cvss 5.5epss 0.00

    A maliciously crafted PAR file, when parsed through Autodesk 3ds Max, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the application to crash, leading to a denial-of-service condition.

  • CVE-2026-34662MedMay 12, 2026
    risk 0.36cvss 5.5epss 0.00

    Illustrator versions 29.8.6, 30.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition.…

  • CVE-2026-34339MedMay 12, 2026
    risk 0.36cvss 5.5epss 0.00

    Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service locally.

  • CVE-2026-20914MedMay 12, 2026
    risk 0.36cvss 5.5epss 0.00

    Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 2.6.0 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of…

  • CVE-2026-32216MedApr 14, 2026
    risk 0.36cvss 5.5epss 0.00

    Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally.