VYPR

CWE-476

NULL Pointer Dereference

BaseStableLikelihood: Medium

Description

The product dereferences a pointer that it expects to be valid but is NULL.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (1,587)

page 9 of 80
  • CVE-2017-17050HigNov 29, 2017
    risk 0.51cvss 7.8epss 0.00

    TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730020 DeviceIoControl request to \\.\Viragtlt.

  • CVE-2017-17049HigNov 29, 2017
    risk 0.51cvss 7.8epss 0.00

    TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730010 DeviceIoControl request to \\.\Viragtlt.

  • CVE-2017-16948HigNov 26, 2017
    risk 0.51cvss 7.8epss 0.00

    TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730008 DeviceIoControl request to \\.\Viragtlt.

  • CVE-2017-13135HigNov 16, 2017
    risk 0.51cvss 7.8epss 0.01

    A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg 0.9.7 and other products, because the CUData::initialize function in common/cudata.cpp mishandles memory-allocation failure.

  • CVE-2017-2893HigNov 7, 2017
    risk 0.51cvss 7.5epss 0.27

    An exploitable NULL pointer dereference vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. An MQTT SUBSCRIBE packet can cause a NULL pointer dereference leading to server crash and denial of service. An attacker needs to send a specially…

  • CVE-2017-15056HigOct 6, 2017
    risk 0.51cvss 7.8epss 0.01

    p_lx_elf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack().

  • CVE-2017-15019HigOct 5, 2017
    risk 0.51cvss 7.8epss 0.01

    LAME 3.99.5 has a NULL Pointer Dereference in the hip_decode_init function within libmp3lame/mpglib_interface.c via a malformed mpg file, because of an incorrect calloc call.

  • CVE-2017-14181HigSep 7, 2017
    risk 0.51cvss 7.8epss 0.01

    DeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc 0.17.5 allows remote attackers to cause a denial of service (invalid memory write, SEGV on unknown address 0x000000000030, and application crash) or possibly have unspecified other impact via a crafted .wav file,…

  • CVE-2017-13686HigAug 24, 2017
    risk 0.51cvss 7.8epss 0.00

    net/ipv4/route.c in the Linux kernel 4.13-rc1 through 4.13-rc6 is too late to check for a NULL fi field when RTM_F_FIB_MATCH is set, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via crafted system…

  • CVE-2017-12457HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    The bfd_make_section_with_flags function in section.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a NULL dereference via a crafted file.

  • CVE-2017-6252HigJul 28, 2017
    risk 0.51cvss 7.8epss 0.00

    NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler where a NULL pointer dereference may lead to a denial of service or potential escalation of privileges.

  • CVE-2015-9027HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.01

    In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM.

  • CVE-2015-9026HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.01

    In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM.

  • CVE-2015-9020HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.01

    In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in the unlocking of memory.

  • CVE-2014-9967HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.01

    In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM.

  • CVE-2014-9949HigJun 6, 2017
    risk 0.51cvss 7.8epss 0.00

    In TrustZone in all Android releases from CAF using the Linux kernel, an Untrusted Pointer Dereference vulnerability could potentially exist.

  • CVE-2014-9943HigJun 6, 2017
    risk 0.51cvss 7.8epss 0.00

    In Core Kernel in all Android releases from CAF using the Linux kernel, a Null Pointer Dereference vulnerability could potentially exist.

  • CVE-2015-9000HigMay 16, 2017
    risk 0.51cvss 7.8epss 0.01

    In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.

  • CVE-2017-0351HigMay 9, 2017
    risk 0.51cvss 7.8epss 0.00

    All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges.

  • CVE-2017-0349HigMay 9, 2017
    risk 0.51cvss 7.8epss 0.00

    All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is not correctly validated before it is dereferenced for a write operation, may lead…