CWE-476— NULL Pointer Dereference
4,740 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-476page 55 of 95
- CVE-2023-7042MEDIUMCVSS 4.4EG 4.42023-12-21
A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service.
- CVE-2024-0035HIGHCVSS 7.8EG 7.42024-02-16
In onNullBinding of TileLifecycleManager.java, there is a possible way to launch an activity from the background due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. …
- CVE-2024-0072LOWCVSS 3.3EG 3.32024-04-05
NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a pa…
- CVE-2024-0075MEDIUMCVSS 6.1EG 6.12024-03-27
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user may cause a NULL-pointer dereference by accessing passed parameters the validity of which has not been checked. A successful exploit of this vulnerabilit…
- CVE-2024-0078MEDIUMCVSS 6.5EG 6.52024-03-27
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest can cause a NULL-pointer dereference in the host, which may lead to denial of service.
- CVE-2024-0079MEDIUMCVSS 6.5EG 6.52024-03-27
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest VM can cause a NULL-pointer dereference in the host. A successful exploit of this vulnerability may lead to denial o…
- CVE-2024-0086MEDIUMCVSS 5.5EG 5.52024-06-13
NVIDIA vGPU software for Linux contains a vulnerability where the software can dereference a NULL pointer. A successful exploit of this vulnerability might lead to denial of service and undefined behavior in the vGPU plugin.
- CVE-2024-0125LOWCVSS 3.3EG 3.32024-10-03
NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability …
- CVE-2024-0209HIGHCVSS 7.8EG 7.82024-01-03
IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file
- CVE-2024-0430MEDIUMCVSS 5.5EG 5.52024-01-22
IObit Malware Fighter v11.0.0.1274 is vulnerable to a Denial of Service vulnerability by triggering the 0x8001E00C IOCTL code of the ImfHpRegFilter.sys driver.
- CVE-2024-0727MEDIUMCVSS 5.5EG 5.52024-01-26
Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate…
- CVE-2024-0841MEDIUMCVSS 6.6EG 6.62024-01-28
A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on t…
- CVE-2024-10037MEDIUMCVSS 4.4EG 4.42025-03-25
A vulnerability exists in the RTU500 web server component that can cause a denial of service to the RTU500 CMU application if a specially crafted message sequence is executed on a WebSocket connection. An attacker must be properly authenti…
- CVE-2024-10280MEDIUMCVSS 6.5EG 6.52024-10-23
A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation …
- CVE-2024-10750MEDIUMCVSS 6.5EG 6.52024-11-04
A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as problematic. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV?fgHPOST/goform/SysToo. The manipulation of the argument Conte…
- CVE-2024-1096MEDIUMCVSS 5.5EG 7.82024-02-13
Twister Antivirus v8.17 is vulnerable to a Denial of Service vulnerability by triggering the 0x80112067, 0x801120CB 0x801120CC 0x80112044, 0x8011204B, 0x8011204F, 0x80112057, 0x8011205B, 0x8011205F, 0x80112063, 0x8011206F, 0x80112073, 0x…
- CVE-2024-11148HIGHCVSS 7.5EG 7.52024-12-05
In OpenBSD 7.4 before errata 006 and OpenBSD 7.3 before errata 020, httpd(8) is vulnerable to a NULL dereference when handling a malformed fastcgi request.
- CVE-2024-11499MEDIUMCVSS 4.9EG 4.92025-03-25
A vulnerability exists in RTU500 IEC 60870-4-104 controlled station functionality, that allows an authenticated and authorized attacker to perform a CMU restart. The vulnerability can be triggered if certificates are updated while in use o…
- CVE-2024-11588LOWCVSS 3.5EG 7.52024-11-21
A vulnerability was found in AVL-DiTEST-DiagDev libdoip 1.0.0. It has been rated as problematic. This issue affects the function DoIPConnection::reactOnReceivedTcpMessage of the file DoIPConnection.cpp. The manipulation leads to null point…
- CVE-2024-11650MEDIUMCVSS 6.5EG 6.52024-11-25
A vulnerability was found in Tenda i9 1.0.0.8(3828) and classified as critical. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation leads to null pointer dereference. The attack may be initiated remo…
- CVE-2024-11705CRITICALCVSS 9.1EG 9.12024-11-26
`NSC_DeriveKey` inadvertently assumed that the `phKey` parameter is always non-NULL. When it was passed as NULL, a segmentation fault (SEGV) occurred, leading to crashes. This behavior conflicted with the PKCS#11 v3.0 specification, which …
- CVE-2024-11706MEDIUMCVSS 6.5EG 6.52024-11-26
A null pointer dereference may have inadvertently occurred in `pk12util`, and specifically in the `SEC_ASN1DecodeItem_Util` function, when handling malformed or improperly formatted input files. This vulnerability affects Firefox < 133 and…
- CVE-2024-12002MEDIUMCVSS 4.3EG 4.32024-11-30
A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Conten…
- CVE-2024-12227MEDIUMCVSS 5.5EG 5.52024-12-05
A vulnerability, which was classified as problematic, was found in MSI Dragon Center up to 2.0.146.0. This affects the function MmUnMapIoSpace in the library NTIOLib_X64.sys of the component IOCTL Handler. The manipulation leads to null po…
- CVE-2024-1241MEDIUMCVSS 5.5EG 5.52024-04-23
Watchdog Antivirus v1.6.415 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002014 IOCTL code of the wsdk-driver.sys driver.
- CVE-2024-12653MEDIUMCVSS 5.5EG 5.52024-12-16
A vulnerability classified as problematic has been found in FabulaTech USB over Network 6.0.6.1. Affected is the function 0x22040C in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereferen…
- CVE-2024-12654MEDIUMCVSS 5.5EG 5.52024-12-16
A vulnerability classified as problematic was found in FabulaTech USB over Network 6.0.6.1. Affected by this vulnerability is the function 0x220408 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null …
- CVE-2024-12655MEDIUMCVSS 5.5EG 5.52024-12-16
A vulnerability, which was classified as problematic, has been found in FabulaTech USB over Network 6.0.6.1. Affected by this issue is the function 0x220420 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads…
- CVE-2024-12656MEDIUMCVSS 5.5EG 5.52024-12-16
A vulnerability, which was classified as problematic, was found in FabulaTech USB over Network 6.0.6.1. This affects the function 0x220448 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer d…
- CVE-2024-12657MEDIUMCVSS 5.5EG 5.52024-12-16
A vulnerability has been found in IObit Advanced SystemCare Utimate up to 17.0.0 and classified as problematic. This vulnerability affects the function 0x8001E000 in the library AscRegistryFilter.sys of the component IOCTL Handler. The man…
- CVE-2024-12658MEDIUMCVSS 5.5EG 5.52024-12-16
A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0 and classified as problematic. This issue affects the function 0x8001E01C in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation lea…
- CVE-2024-12659MEDIUMCVSS 5.5EG 5.52024-12-16
A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been classified as problematic. Affected is the function 0x8001E004 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation l…
- CVE-2024-12660MEDIUMCVSS 5.5EG 5.52024-12-16
A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been declared as problematic. Affected by this vulnerability is the function 0x8001E018 in the library AscRegistryFilter.sys of the component IOCTL Handler…
- CVE-2024-12661MEDIUMCVSS 5.5EG 5.52024-12-16
A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been rated as problematic. Affected by this issue is the function 0x8001E024 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manip…
- CVE-2024-12662MEDIUMCVSS 5.5EG 5.52024-12-16
A vulnerability classified as problematic has been found in IObit Advanced SystemCare Utimate up to 17.0.0. This affects the function 0x8001E040 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to…
- CVE-2024-13978LOWCVSS 2.5EG 2.52025-08-01
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null p…
- CVE-2024-1443MEDIUMCVSS 4.4EG 4.42024-03-07
MSI Afterburner v4.6.5.16370 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002000 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process.
- CVE-2024-1914MEDIUMCVSS 6.5EG 6.52024-05-14
An attacker who successfully exploited these vulnerabilities could cause the robot to stop, make the robot controller inaccessible. The vulnerability could potentially be exploited to perform unauthorized actions by an attacker. This vu…
- CVE-2024-20266MEDIUMCVSS 5.3EG 5.32024-03-13
A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulne…
- CVE-2024-20312HIGHCVSS 7.4EG 7.42024-03-27
A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affecte…
- CVE-2024-20339HIGHCVSS 8.6EG 8.62024-10-23
A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected devi…
- CVE-2024-20426HIGHCVSS 8.6EG 8.62024-10-23
A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attack…
- CVE-2024-20436HIGHCVSS 8.6EG 8.62024-09-25
A vulnerability in the HTTP Server feature of Cisco IOS XE Software when the Telephony Service feature is enabled could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This v…
- CVE-2024-20446HIGHCVSS 8.6EG 8.62024-08-28
A vulnerability in the DHCPv6 relay agent of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of spec…
- CVE-2024-20661HIGHCVSS 7.5EG 7.52024-01-09
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- CVE-2024-20794MEDIUMCVSS 5.5EG 5.52024-04-11
Animate versions 23.0.4, 24.0.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service. An attacker could leverage this vulnerability to cause a system crash, resulting in a…
- CVE-2024-21356MEDIUMCVSS 6.5EG 6.52024-02-13
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
- CVE-2024-21404HIGHCVSS 7.5EG 7.52024-02-13
.NET Denial of Service Vulnerability
- CVE-2024-21478MEDIUMCVSS 6.2EG 6.22024-06-03
transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA.
- CVE-2024-21602HIGHCVSS 7.5EG 7.52024-01-12
A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). If a specific IPv4 UDP packet is …
Map vulnerabilities like CWE-476 to your infrastructure
EchelonGraph correlates every CVE — across CWE-476 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →