VYPR

CWE-476

NULL Pointer Dereference

Base | Stable | Likelihood: Medium

Description

The product dereferences a pointer that it expects to be valid but is NULL.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (1,587)

page 73 of 80
  • CVE-2026-43864 | Low | May 4, 2026
    risk 0.09 | cvss 2.5 | epss 0.00

    mutt before 2.3.2 has a show_sig_summary NULL pointer dereference.

  • CVE-2021-29616 | Low | May 14, 2021
    risk 0.09 | cvss 2.5 | epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. The implementation of TrySimplify (https://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/grappler/optimizers/arithmetic_optimizer.cc#L390-L401) has undefined…

  • CVE-2021-29583 | Low | May 14, 2021
    risk 0.09 | cvss 2.5 | epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FusedBatchNorm` is vulnerable to a heap buffer overflow. If the tensors are empty, the same implementation can trigger undefined behavior by dereferencing null pointers. The…

  • CVE-2021-29574 | Low | May 14, 2021
    risk 0.09 | cvss 2.5 | epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPool3DGradGrad` exhibits undefined behavior by dereferencing null pointers backing attacker-supplied empty tensors. The implementation (https://github.com/tensorflow/tensorf…

  • CVE-2021-29572 | Low | May 14, 2021
    risk 0.09 | cvss 2.5 | epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.SdcaOptimizer` triggers undefined behavior due to dereferencing a null pointer. The implementation (https://github.com/tensorflow/tensorflow/blob/60a45c8b6192a4699f2e2709a2645a…

  • CVE-2021-29568 | Low | May 14, 2021
    risk 0.09 | cvss 2.5 | epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in `tf.raw_ops.ParameterizedTruncatedNormal`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/3f6fe4dfef6f…

  • CVE-2021-29565 | Low | May 14, 2021
    risk 0.09 | cvss 2.5 | epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of `tf.raw_ops.SparseFillEmptyRows`. This is because of missing validation (https://github.com/tensorflow/tensorflow/blob/fdc82089d206e28…

  • CVE-2021-29564 | Low | May 14, 2021
    risk 0.09 | cvss 2.5 | epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of `tf.raw_ops.EditDistance`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/79865b542f9ffdc9caeb25563…

  • CVE-2021-29541 | Low | May 14, 2021
    risk 0.09 | cvss 2.5 | epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null pointer in `tf.raw_ops.StringNGrams`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/1cdd4da14282210cc759e468d9781741ac7d01bf/t…

  • CVE-2021-29530 | Low | May 14, 2021
    risk 0.09 | cvss 2.5 | epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference by providing an invalid `permutation` to `tf.raw_ops.SparseMatrixSparseCholesky`. This is because the implementation (https://github.com/tensorflow/tensorflow/…

  • CVE-2021-29518 | Low | May 14, 2021
    risk 0.09 | cvss 2.5 | epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. In eager mode (default in TF 2.0 and later), session operations are invalid. However, users could still call the raw ops associated with them and trigger a null pointer dereference. The…

  • CVE-2021-29516 | Low | May 14, 2021
    risk 0.09 | cvss 2.5 | epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.RaggedTensorToVariant` with arguments specifying an invalid ragged tensor results in a null pointer dereference. The implementation of `RaggedTensorToVariant`…

  • CVE-2021-29515 | Low | May 14, 2021
    risk 0.09 | cvss 2.5 | epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. The implementation of `MatrixDiag*` operations (https://github.com/tensorflow/tensorflow/blob/4c4f420e68f1cfaf8f4b6e8e3eb857e9e4c3ff33/tensorflow/core/kernels/linalg/matrix_diag_op.cc#L195-L197) does not…

  • CVE-2021-29513 | Low | May 14, 2021
    risk 0.09 | cvss 2.5 | epss 0.00

    TensorFlow is an end-to-end open source platform for machine learning. Calling TF operations with tensors of non-numeric types when the operations expect numeric tensors results in null pointer dereferences. The conversion from Python array to C++…

  • CVE-2009-1386 | Jun 4, 2009
    risk 0.09 | cvss | epss 0.80

    ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.

  • CVE-2006-6565 | Dec 15, 2006
    risk 0.09 | cvss | epss 0.70

    FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a wildcard argument to the (1) LIST or (2) NLST commands, which results in a NULL pointer dereference, a different set of vectors than CVE-2006-6564. NOTE: CVE analysis suggests that…

  • CVE-2014-3470 | Jun 5, 2014
    risk 0.07 | cvss | epss 0.86

    The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by…

  • CVE-2025-13425 | Low | Nov 20, 2025
    risk 0.05 | cvss | epss 0.00

    A bug in the filesystem traversal fallback path causes fs/diriterate/diriterate.go:Next() to overindex an empty slice when ReadDir returns nil for an empty directory, resulting in a panic (index out of range) and an application crash (denial of service) in OSV-SCALIBR.

  • CVE-2018-5333 | Med | Jan 11, 2018
    risk 0.04 | cvss 5.5 | epss 0.08

    In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.

  • CVE-2014-0198 | May 6, 2014
    risk 0.04 | cvss | epss 0.44

    The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and…