CWE-476— NULL Pointer Dereference
4,740 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-476page 9 of 95
- CVE-2018-20198MEDIUMCVSS 5.5EG 5.52018-12-18
A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service becau…
- CVE-2018-20199MEDIUMCVSS 5.5EG 5.52018-12-18
A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service becau…
- CVE-2018-20349MEDIUMCVSS 6.5EG 6.52018-12-22
The igraph_i_strdiff function in igraph_trie.c in igraph through 0.7.1 has an NULL pointer dereference that allows attackers to cause a denial of service (application crash) via a crafted object.
- CVE-2018-20357MEDIUMCVSS 5.5EG 5.52018-12-22
A NULL pointer dereference was discovered in sbr_process_channel of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash.
- CVE-2018-20362MEDIUMCVSS 5.5EG 5.52018-12-22
A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash because adding to windowed output is mi…
- CVE-2018-20363MEDIUMCVSS 6.5EG 6.52018-12-22
LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.
- CVE-2018-20364MEDIUMCVSS 6.5EG 6.52018-12-22
LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.
- CVE-2018-20425HIGHCVSS 8.8EG 8.82018-12-24
libming 0.4.8 has a NULL pointer dereference in the pushdup function of the decompile.c file.
- CVE-2018-20426HIGHCVSS 8.8EG 8.82018-12-24
libming 0.4.8 has a NULL pointer dereference in the newVar3 function of the decompile.c file, a different vulnerability than CVE-2018-7866.
- CVE-2018-20427HIGHCVSS 8.8EG 8.82018-12-24
libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file, a different vulnerability than CVE-2018-9132.
- CVE-2018-20428HIGHCVSS 8.8EG 8.82018-12-24
libming 0.4.8 has a NULL pointer dereference in the strlenext function of the decompile.c file, a different vulnerability than CVE-2018-7874.
- CVE-2018-20429HIGHCVSS 8.8EG 8.82018-12-24
libming 0.4.8 has a NULL pointer dereference in the getName function of the decompile.c file, a different vulnerability than CVE-2018-7872 and CVE-2018-9165.
- CVE-2018-20431MEDIUMCVSS 6.5EG 6.52018-12-24
GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c.
- CVE-2018-20481MEDIUMCVSS 6.5EG 6.52018-12-26
XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called …
- CVE-2018-20532MEDIUMCVSS 6.5EG 6.52018-12-28
There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.
- CVE-2018-20533MEDIUMCVSS 6.5EG 6.52018-12-28
There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.
- CVE-2018-20537MEDIUMCVSS 6.5EG 6.52018-12-28
There is a NULL pointer dereference at liblas::SpatialReference::GetGTIF() (spatialreference.cpp) in libLAS 1.8.1 that will cause a denial of service.
- CVE-2018-20651MEDIUMCVSS 5.5EG 5.52019-01-01
A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers…
- CVE-2018-20751HIGHCVSS 8.8EG 8.82019-02-04
An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointe…
- CVE-2018-20786HIGHCVSS 7.5EG 7.52019-02-24
libvterm through 0+bzr726, as used in Vim and other products, mishandles certain out-of-memory conditions, leading to a denial of service (application crash), related to screen.c, state.c, and vterm.c.
- CVE-2018-21015MEDIUMCVSS 6.5EG 6.52019-09-16
AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. There is "cfg_new->AVCLevelIndication = cfg->AVCLevelIndica…
- CVE-2018-21236HIGHCVSS 7.5EG 7.52020-06-04
An issue was discovered in Foxit Reader before 2.4.4. It has a NULL pointer dereference.
- CVE-2018-2384MEDIUMCVSS 6.5EG 6.52018-02-14
Under certain conditions a malicious user provoking a Null Pointer dereference can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.
- CVE-2018-2912HIGHCVSS 7.5EG 7.52018-10-17
Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Manager). Supported versions that are affected are 12.1.2.1.0, 12.2.0.2.0 and 12.3.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker…
- CVE-2018-2914HIGHCVSS 7.5EG 7.52018-10-17
Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Manager). Supported versions that are affected are 12.1.2.1.0, 12.2.0.2.0 and 12.3.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker…
- CVE-2018-3563HIGHCVSS 7.8EG 7.82018-04-03
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, untrusted pointer dereference in apr_cb_func can lead to an arbitrary code e…
- CVE-2018-3570HIGHCVSS 7.8EG 7.82018-07-06
In the cpuidle driver in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, the list_for_each macro was not used correctly which could lead to an untrusted pointer dereference.
- CVE-2018-3592CRITICALCVSS 9.8EG 9.82018-04-11
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, …
- CVE-2018-3840HIGHCVSS 7.5EG 7.52018-06-26
A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6 (0x67). The vulnerability is present in the parsing of a network packet without proper validation of the packet. The data read by the application is no…
- CVE-2018-3841HIGHCVSS 7.5EG 7.52018-06-26
A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6 (0x69). The vulnerability is present in the parsing of a network packet without proper validation of the packet. The data read-in is not validated, and…
- CVE-2018-4024HIGHCVSS 7.5EG 7.52019-05-13
An exploitable denial-of-service vulnerability exists in the thumbnail display functionality of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a null pointer d…
- CVE-2018-4140HIGHCVSS 7.5EG 7.52018-04-03
An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Telephony" component. It allows remote attackers to cause a denial of service (NULL pointer dereference and reboot) via a Class 0 SMS m…
- CVE-2018-4276HIGHCVSS 7.5EG 7.52019-04-03
A null pointer dereference was addressed with improved validation. This issue affected versions prior to macOS High Sierra 10.13.6.
- CVE-2018-4302HIGHCVSS 7.8EG 7.82021-12-23
A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpe…
- CVE-2018-4987CRITICALCVSS 9.8EG 9.82018-07-09
Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in…
- CVE-2018-5012HIGHCVSS 8.8EG 8.82018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in…
- CVE-2018-5030HIGHCVSS 8.8EG 8.82018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in…
- CVE-2018-5206CRITICALCVSS 9.8EG 9.82018-01-06
When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer.
- CVE-2018-5308HIGHCVSS 7.8EG 7.82018-01-09
PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other…
- CVE-2018-5333MEDIUMCVSS 5.5EG 5.52018-01-11
In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.
- CVE-2018-5449MEDIUMCVSS 6.5EG 6.52018-03-05
A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application does not check for a NULL value, allowing for an attacker to perform a denial of service attack.
- CVE-2018-5710MEDIUMCVSS 6.5EG 6.52018-01-16
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), wh…
- CVE-2018-5729MEDIUMCVSS 4.7EG 4.72018-03-06
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is int…
- CVE-2018-5801MEDIUMCVSS 6.5EG 6.52018-12-07
An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.
- CVE-2018-5806MEDIUMCVSS 6.5EG 6.52018-12-07
An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.
- CVE-2018-5812MEDIUMCVSS 6.5EG 6.52018-12-07
An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference.
- CVE-2018-6116MEDIUMCVSS 6.5EG 6.52018-12-04
A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
- CVE-2018-6197HIGHCVSS 7.5EG 7.52018-01-25
w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c.
- CVE-2018-6247HIGHCVSS 8.8EG 8.82018-04-02
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference may lead to denial of service or possible escalation of privileges.
- CVE-2018-6249HIGHCVSS 8.8EG 8.82018-04-02
NVIDIA GPU Display Driver contains a vulnerability in kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges.
Map vulnerabilities like CWE-476 to your infrastructure
EchelonGraph correlates every CVE — across CWE-476 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →