CWE-476— NULL Pointer Dereference
4,740 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-476page 47 of 95
- CVE-2023-31083MEDIUMCVSS 4.7EG 4.72023-04-24
An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL point…
- CVE-2023-31129HIGHCVSS 7.5EG 7.52023-05-08
The Contiki-NG operating system versions 4.8 and prior can be triggered to dereference a NULL pointer in the message handling code for IPv6 router solicitiations. Contiki-NG contains an implementation of IPv6 Neighbor Discovery (ND) in the…
- CVE-2023-31441MEDIUMCVSS 5.5EG 5.52023-07-18
In NATO Communications and Information Agency anet (aka Advisor Network) through 3.3.0, an attacker can provide a crafted JSON file to sanitizeJson and cause an exception. This is related to the U+FFFD Unicode replacement character. A for …
- CVE-2023-32008HIGHCVSS 7.8EG 7.82023-06-14
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
- CVE-2023-32084HIGHCVSS 7.5EG 7.52023-07-11
HTTP.sys Denial of Service Vulnerability
- CVE-2023-3212MEDIUMCVSS 4.4EG 4.42023-06-23
A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL.…
- CVE-2023-32171MEDIUMCVSS 6.5EG 6.52024-05-03
Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGatew…
- CVE-2023-3220MEDIUMCVSS 5.5EG 5.52023-06-20
An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check of the return value of kzalloc() and will cause the NULL Pointer Dereference.
- CVE-2023-32248HIGHCVSS 7.5EG 7.52023-07-24
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_TREE_CONNECT and SMB2_QUERY_INFO commands. The issue results from the lack of proper validation of …
- CVE-2023-32252HIGHCVSS 7.5EG 7.52023-07-24
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_LOGOFF commands. The issue results from the lack of proper validation of a pointer prior to accessi…
- CVE-2023-32970MEDIUMCVSS 4.9EG 4.92023-10-13
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network.…
- CVE-2023-33036HIGHCVSS 7.1EG 7.12024-01-02
Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call.
- CVE-2023-33056HIGHCVSS 7.5EG 7.52023-11-07
Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE.
- CVE-2023-33088HIGHCVSS 8.4EG 8.42023-12-05
Memory corruption when processing cmd parameters while parsing vdev.
- CVE-2023-33089HIGHCVSS 7.5EG 7.52023-12-05
Transient DOS when processing a NULL buffer while parsing WLAN vdev.
- CVE-2023-33109HIGHCVSS 7.5EG 7.52024-01-02
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.
- CVE-2023-33121LOWCVSS 3.3EG 3.32023-06-13
A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions <…
- CVE-2023-3316MEDIUMCVSS 5.9EG 5.92023-06-19
A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.
- CVE-2023-33306MEDIUMCVSS 6.5EG 6.52023-06-16
A null pointer dereference in Fortinet FortiOS before 7.2.5, before 7.0.11 and before 6.4.13, FortiProxy before 7.2.4 and before 7.0.10 allows attacker to denial of sslvpn service via specifically crafted request in bookmark parameter.
- CVE-2023-33307MEDIUMCVSS 6.5EG 6.52023-06-16
A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of sslvpn service via specifically crafted request in network parameter.
- CVE-2023-3338MEDIUMCVSS 6.5EG 7.52023-06-30
A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. This issue could allow a remote user to crash the system.
- CVE-2023-33461MEDIUMCVSS 5.5EG 5.52023-06-01
iniparser v4.1 is vulnerable to NULL Pointer Dereference in function iniparser_getlongint which misses check NULL for function iniparser_getstring's return.
- CVE-2023-3354HIGHCVSS 7.5EG 7.52023-07-11
A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous con…
- CVE-2023-3355MEDIUMCVSS 4.7EG 5.52023-06-28
A NULL pointer dereference flaw was found in the Linux kernel's drivers/gpu/drm/msm/msm_gem_submit.c code in the submit_lookup_cmds function, which fails because it lacks a check of the return value of kmalloc(). This issue allows a local …
- CVE-2023-3357MEDIUMCVSS 5.5EG 5.52023-06-28
A NULL pointer dereference flaw was found in the Linux kernel AMD Sensor Fusion Hub driver. This flaw allows a local user to crash the system.
- CVE-2023-3358MEDIUMCVSS 5.5EG 5.52023-06-28
A null pointer dereference was found in the Linux kernel's Integrated Sensor Hub (ISH) driver. This issue could allow a local user to crash the system.
- CVE-2023-3359MEDIUMCVSS 5.5EG 5.52023-06-28
An issue was discovered in the Linux kernel brcm_nvram_parse in drivers/nvmem/brcm_nvram.c. Lacks for the check of the return value of kzalloc() can cause the NULL Pointer Dereference.
- CVE-2023-33973HIGHCVSS 7.5EG 7.52023-05-30
RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. In versions 2023.01 and prior, an attacker can send a crafted frame which is forwarded by the device. D…
- CVE-2023-34164HIGHCVSS 7.5EG 7.52023-07-06
Vulnerability of incomplete input parameter verification in the communication framework module. Successful exploitation of this vulnerability may affect availability.
- CVE-2023-34323MEDIUMCVSS 5.5EG 5.52024-01-05
When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. …
- CVE-2023-34398HIGHCVSS 7.5EG 7.52025-02-13
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The boost library contains a vulnerability/null pointer dereference.
- CVE-2023-34400HIGHCVSS 7.5EG 7.52025-02-13
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. In case of parsing file, service try to define header inside the file and convert it to null-terminated string. If character is missed, will ret…
- CVE-2023-35338HIGHCVSS 7.5EG 7.52023-07-11
Windows Peer Name Resolution Protocol Denial of Service Vulnerability
- CVE-2023-3603LOWCVSS 3.1EG 3.12023-07-21
A missing allocation check in sftp server processing read requests may cause a NULL dereference on low-memory conditions. The malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which was not being c…
- CVE-2023-36199HIGHCVSS 7.5EG 7.52023-08-25
An issue in skalenetwork sgxwallet v.1.9.0 and below allows an attacker to cause a denial of service via the trustedGenerateEcdsaKey component.
- CVE-2023-36602HIGHCVSS 7.5EG 7.52023-10-10
Windows TCP/IP Denial of Service Vulnerability
- CVE-2023-36603HIGHCVSS 7.5EG 7.52023-10-10
Windows TCP/IP Denial of Service Vulnerability
- CVE-2023-36709HIGHCVSS 7.5EG 7.52023-10-10
Microsoft AllJoyn API Denial of Service Vulnerability
- CVE-2023-37025MEDIUMCVSS 6.5EG 6.52025-01-21
A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Reset` packet …
- CVE-2023-37026MEDIUMCVSS 6.5EG 6.52025-01-21
A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `E-RAB Release …
- CVE-2023-37027MEDIUMCVSS 6.5EG 6.52025-01-21
Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `E-RAB Modificati…
- CVE-2023-37028MEDIUMCVSS 6.5EG 6.52025-01-21
A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `E-RAB Modifica…
- CVE-2023-37030MEDIUMCVSS 6.5EG 6.52025-01-21
A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Initial UE Mes…
- CVE-2023-37031MEDIUMCVSS 6.5EG 6.52025-01-21
A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `eNB Configurat…
- CVE-2023-37033MEDIUMCVSS 6.5EG 6.52025-01-21
A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Initial UE Mes…
- CVE-2023-37034MEDIUMCVSS 6.5EG 6.52025-01-21
A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Initial UE Mes…
- CVE-2023-37035MEDIUMCVSS 6.5EG 6.52025-01-21
A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `S1Setup Reques…
- CVE-2023-37036MEDIUMCVSS 6.5EG 6.52025-01-21
A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Uplink NAS Tra…
- CVE-2023-37037MEDIUMCVSS 6.5EG 6.52025-01-21
A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `S1Setup Reques…
- CVE-2023-37038MEDIUMCVSS 6.5EG 6.52025-01-21
A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Uplink NAS Tra…
Map vulnerabilities like CWE-476 to your infrastructure
EchelonGraph correlates every CVE — across CWE-476 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →