Loading...
Loading...
194 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Untrusted Pointer Dereference of src_hdr in the copy_ncp_header function.
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
Untrusted pointer dereference in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.
Out-of-bounds read in Windows DWM allows an authorized attacker to elevate privileges locally.
Time-of-check time-of-use (toctou) race condition in NtQueryInformation Token function (ntifs.h) allows an authorized attacker to elevate privileges locally.
WebAssembly Micro Runtime (WAMR) is a lightweight standalone WebAssembly (Wasm) runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memo…
Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.
An Untrusted Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial-of-Service (DoS). When the …
Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally.
Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
An untrusted pointer dereference in the ionic cloud driver for VMWare ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting in loss of confidentiality or availabilit…
Untrusted pointer dereference for some Intel(R) QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combine…
Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to disclose information locally.
Untrusted pointer dereference in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an unauthorized attacker to disclose information locally.
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.
Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network.
Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service.
EchelonGraph correlates every CVE — across CWE-822 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →