CWE-476— NULL Pointer Dereference
4,740 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-476page 27 of 95
- CVE-2021-39921HIGHCVSS 7.5EG 7.52021-11-19
NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
- CVE-2021-39923HIGHCVSS 7.5EG 7.52021-11-19
Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
- CVE-2021-39928HIGHCVSS 7.5EG 7.52021-11-18
NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
- CVE-2021-39973HIGHCVSS 7.5EG 7.52022-01-03
There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down.
- CVE-2021-39977HIGHCVSS 7.5EG 7.52022-01-03
The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
- CVE-2021-39988HIGHCVSS 7.5EG 7.52022-01-03
The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
- CVE-2021-40018HIGHCVSS 7.5EG 7.52022-01-10
The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-40027HIGHCVSS 7.5EG 7.52022-01-10
The bone voice ID TA has a vulnerability in calculating the buffer length,Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-40031HIGHCVSS 7.5EG 7.52022-01-10
There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
- CVE-2021-40039HIGHCVSS 7.5EG 7.52022-01-10
There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
- CVE-2021-40157HIGHCVSS 7.8EG 7.82021-09-15
A user may be tricked into opening a malicious FBX file which may exploit an Untrusted Pointer Dereference vulnerability in FBX’s Review version 1.5.0 and prior causing it to run arbitrary code on the system.
- CVE-2021-40264MEDIUMCVSS 6.5EG 6.52023-08-22
NULL pointer dereference vulnerability in FreeImage before 1.18.0 via the FreeImage_CloneTag function inFreeImageTag.cpp.
- CVE-2021-40266MEDIUMCVSS 6.5EG 6.52023-08-22
FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerabile to null pointer dereference.
- CVE-2021-4043MEDIUMCVSS 5.5EG 5.52022-02-04
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 1.1.0.
- CVE-2021-40559MEDIUMCVSS 5.5EG 5.52022-01-12
A null pointer deference vulnerability exists in gpac through 1.0.1 via the naludmx_parse_nal_avc function in reframe_nalu, which allows a denail of service.
- CVE-2021-40563MEDIUMCVSS 5.5EG 5.52022-01-12
A Segmentation fault exists casued by null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config function in reframe_nalu.c when using mp4box, which causes a denial of service.
- CVE-2021-40564MEDIUMCVSS 5.5EG 5.52022-01-12
A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service.
- CVE-2021-40565MEDIUMCVSS 5.5EG 5.52022-01-12
A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in av_parsers.c when using mp4box, which causes a denial of service.
- CVE-2021-40575MEDIUMCVSS 5.5EG 5.52022-01-13
The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the mpgviddmx_process function in reframe_mpgvid.c, which allows attackers to cause a denial of service. This vulnerability is possibly due to an incomplete fi…
- CVE-2021-40576MEDIUMCVSS 5.5EG 5.52022-01-13
The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the gf_isom_get_payt_count function in hint_track.c, which allows attackers to cause a denial of service.
- CVE-2021-40732MEDIUMCVSS 6.1EG 6.12021-10-13
XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer dereference vulnerability that could result in leaking data from certain memory locations and causing a local denial of service in the context of the current user. User…
- CVE-2021-40737MEDIUMCVSS 5.5EG 5.52022-03-16
Adobe Audition version 14.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-serv…
- CVE-2021-40742MEDIUMCVSS 5.5EG 5.52022-03-16
Adobe Audition version 14.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-serv…
- CVE-2021-40750MEDIUMCVSS 5.5EG 5.52022-03-16
Adobe Bridge version 11.1.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-serv…
- CVE-2021-40756MEDIUMCVSS 5.5EG 5.52021-11-18
Adobe After Effects version 18.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-…
- CVE-2021-40761MEDIUMCVSS 5.5EG 5.52021-11-18
Adobe After Effects version 18.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-…
- CVE-2021-40762MEDIUMCVSS 5.5EG 5.52022-03-16
Adobe Character Animator version 4.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denia…
- CVE-2021-40768MEDIUMCVSS 5.5EG 5.52022-03-16
Adobe Character Animator version 4.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denia…
- CVE-2021-40773MEDIUMCVSS 5.5EG 5.52021-11-22
Adobe Prelude version 10.1 (and earlier) is affected by a null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-servi…
- CVE-2021-40774MEDIUMCVSS 5.5EG 5.52021-11-22
Adobe Prelude version 10.1 (and earlier) is affected by a null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-servi…
- CVE-2021-40778MEDIUMCVSS 5.5EG 5.52022-03-16
Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-servi…
- CVE-2021-40781MEDIUMCVSS 5.5EG 5.52022-03-16
Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-servi…
- CVE-2021-40782MEDIUMCVSS 5.5EG 5.52022-03-16
Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-servi…
- CVE-2021-40785MEDIUMCVSS 5.5EG 5.52022-03-16
Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an applica…
- CVE-2021-40788MEDIUMCVSS 5.5EG 5.52022-03-16
Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an applica…
- CVE-2021-40789MEDIUMCVSS 5.5EG 5.52022-03-16
Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an applica…
- CVE-2021-40796MEDIUMCVSS 5.5EG 5.52022-03-16
Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-servic…
- CVE-2021-40826HIGHCVSS 7.8EG 7.82021-12-15
Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation, affecting the MP3 file parsing functionality at clementine+0x3aa207. The vulnerability is triggered when the user opens a crafted MP3 file or loads …
- CVE-2021-40943MEDIUMCVSS 5.5EG 5.52022-06-28
In Bento4 1.6.0-638, there is a null pointer reference in the function AP4_DescriptorListInspector::Action function in Ap4Descriptor.h:124 , as demonstrated by GPAC. This can cause a denial of service (DOS).
- CVE-2021-40944MEDIUMCVSS 5.5EG 5.52022-06-28
In GPAC MP4Box 1.1.0, there is a Null pointer reference in the function gf_filter_pid_get_packet function in src/filter_core/filter_pid.c:5394, as demonstrated by GPAC. This can cause a denial of service (DOS).
- CVE-2021-4095MEDIUMCVSS 5.5EG 5.52022-03-10
A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a deni…
- CVE-2021-4110HIGHCVSS 7.5EG 7.52021-12-15
mruby is vulnerable to NULL Pointer Dereference
- CVE-2021-41208HIGHCVSS 8.8EG 8.82021-11-05
TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service (via dereferencing `nullptr`s or vi…
- CVE-2021-41215MEDIUMCVSS 5.5EG 5.52021-11-05
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `DeserializeSparse` can trigger a null pointer dereference. This is because the shape inference function assumes that the `serial…
- CVE-2021-41217MEDIUMCVSS 5.5EG 5.52021-11-05
TensorFlow is an open source platform for machine learning. In affected versions the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when nodes that should be paired are not. This…
- CVE-2021-4145MEDIUMCVSS 6.5EG 6.52022-01-25
A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0. The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user wi…
- CVE-2021-41495MEDIUMCVSS 5.3EG 5.32021-12-17
Null Pointer Dereference vulnerability exists in numpy.sort in NumPy < and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. …
- CVE-2021-41497HIGHCVSS 7.5EG 7.52021-12-17
Null pointer reference in CMS_Conservative_increment_obj in RaRe-Technologies bounter version 1.01 and 1.10, allows attackers to conduct Denial of Service attacks by inputting a huge width of hash bucket.
- CVE-2021-41524HIGHCVSS 7.5EG 7.52021-10-05
While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduc…
- CVE-2021-4158MEDIUMCVSS 6.0EG 6.02022-08-24
A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.
Map vulnerabilities like CWE-476 to your infrastructure
EchelonGraph correlates every CVE — across CWE-476 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →