VYPR

CWE-476

NULL Pointer Dereference

BaseStableLikelihood: Medium

Description

The product dereferences a pointer that it expects to be valid but is NULL.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (1,587)

page 45 of 80
  • CVE-2018-14543MedJul 23, 2018
    risk 0.36cvss 5.5epss 0.01

    There exists one NULL pointer dereference vulnerability in AP4_JsonInspector::AddField in Ap4Atom.cpp in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp4dump.

  • CVE-2018-14332MedJul 19, 2018
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in Clementine Music Player 1.3.1. Clementine.exe is vulnerable to a user mode write access violation due to a NULL pointer dereference in the Init call in the MoodbarPipeline::NewPadCallback function in moodbar/moodbarpipeline.cpp. The vulnerability is…

  • CVE-2018-12928MedJun 28, 2018
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.

  • CVE-2018-12102MedJun 11, 2018
    risk 0.36cvss 5.5epss 0.01

    md4c 0.2.6 has a NULL pointer dereference in the function md_process_line in md4c.c, related to ctx->current_block.

  • CVE-2018-10196MedMay 30, 2018
    risk 0.36cvss 5.5epss 0.02

    NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file.

  • CVE-2018-6963MedMay 22, 2018
    risk 0.36cvss 5.5epss 0.00

    VMware Workstation (14.x before 14.1.2) and Fusion (10.x before 10.1.2) contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler. Successful exploitation of these issues may allow an attacker with limited privileges…

  • CVE-2018-11255MedMay 18, 2018
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber() in PdfPage.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.

  • CVE-2018-8060MedMay 10, 2018
    risk 0.36cvss 5.5epss 0.01

    HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send an IOCTL to the device driver. If input and/or output buffer pointers are NULL or if these buffers' data are invalid, a NULL/invalid pointer access occurs, resulting in a Windows kernel panic…

  • CVE-2018-10535MedApr 29, 2018
    risk 0.36cvss 5.5epss 0.02

    The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a symtab entry with a "SECTION" type that has a "0" value, which allows remote…

  • CVE-2018-10323MedApr 24, 2018
    risk 0.36cvss 5.5epss 0.01

    The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.

  • CVE-2018-10322MedApr 24, 2018
    risk 0.36cvss 5.5epss 0.01

    The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.

  • CVE-2018-9151MedMar 30, 2018
    risk 0.36cvss 5.5epss 0.00

    A NULL pointer dereference bug in the function ObReferenceObjectByHandle in the Kingsoft Internet Security 9+ kernel driver KWatch3.sys allows local non-privileged users to crash the system via IOCTL 0x80030030.

  • CVE-2017-17135MedMar 5, 2018
    risk 0.36cvss 5.5epss 0.00

    PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00;…

  • CVE-2017-17134MedMar 5, 2018
    risk 0.36cvss 5.5epss 0.00

    XML parser in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has a DoS vulnerability. Due to not check the…

  • CVE-2017-17133MedMar 5, 2018
    risk 0.36cvss 5.5epss 0.00

    Huawei VP9660 V500R002C10 has a null pointer reference vulnerability in license module due to insufficient verification. An authenticated local attacker could place a malicious license file into system which cause memory null pointer accessing and related processing crash. The…

  • CVE-2018-7642MedMar 2, 2018
    risk 0.36cvss 5.5epss 0.02

    The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (aout_32_swap_std_reloc_out NULL pointer dereference and application crash) via a crafted…

  • CVE-2018-7570MedFeb 28, 2018
    risk 0.36cvss 5.5epss 0.02

    The assign_file_positions_for_non_load_sections function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an ELF file…

  • CVE-2018-7454MedFeb 24, 2018
    risk 0.36cvss 5.5epss 0.01

    A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.

  • CVE-2018-7452MedFeb 24, 2018
    risk 0.36cvss 5.5epss 0.01

    A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.

  • CVE-2018-7175MedFeb 15, 2018
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in xpdf 4.00. A NULL pointer dereference in readCodestream allows an attacker to cause denial of service via a JPX image with zero components.