Vulnerabilities (CVE)

Filtered by CWE-476
Total 3835 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-36661 1 Xhyve Project 1 Xhyve 2025-06-17 N/A 6.5 MEDIUM
xhyve commit dfbe09b was discovered to contain a NULL pointer dereference via the component vi_pci_read(). This vulnerability allows attackers to cause a Denial of Service via unspecified vectors.
CVE-2022-36659 1 Xhyve Project 1 Xhyve 2025-06-17 N/A 6.5 MEDIUM
xhyve commit dfbe09b was discovered to contain a NULL pointer dereference via the component vi_pci_write(). This vulnerability allows attackers to cause a Denial of Service via unspecified vectors.
CVE-2025-46399 2025-06-17 N/A 4.7 MEDIUM
A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via genge_itp_spline function.
CVE-2023-43898 1 Nothings 1 Stb Image.h 2025-06-17 N/A 5.5 MEDIUM
Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted pic file.
CVE-2023-46343 1 Linux 1 Linux Kernel 2025-06-17 N/A 5.5 MEDIUM
In the Linux kernel before 6.5.9, there is a NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c.
CVE-2025-32913 2025-06-17 N/A 7.5 HIGH
A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function.
CVE-2025-30321 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2025-06-16 N/A 5.5 MEDIUM
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-25453 1 Axiosys 1 Bento4 2025-06-16 N/A 5.5 MEDIUM
Bento4 v1.6.0-640 was discovered to contain a NULL pointer dereference via the AP4_StszAtom::GetSampleSize() function.
CVE-2025-33057 2025-06-12 N/A 6.5 MEDIUM
Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network.
CVE-2025-47111 2025-06-12 N/A 5.5 MEDIUM
Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-1698 2025-06-12 N/A 2.8 LOW
Null pointer exception vulnerabilities were reported in the fingerprint sensor service that could allow a local attacker to cause a denial of service.
CVE-2024-34508 2 Debian, Offis 2 Debian Linux, Dcmtk 2025-06-10 N/A 4.3 MEDIUM
dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.
CVE-2024-35618 1 Pingcap 1 Tidb 2025-06-10 N/A 7.5 HIGH
PingCAP TiDB v7.5.1 was discovered to contain a NULL pointer dereference via the component SortedRowContainer.
CVE-2024-5198 1 Openvpn 1 Ovpn-dco-win 2025-06-10 N/A 3.3 LOW
OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt.
CVE-2025-31711 2 Google, Unisoc 18 Android, S8000, Sc7731e and 15 more 2025-06-10 N/A 5.1 MEDIUM
In cplog service, there is a possible system crash due to null pointer dereference. This could lead to local denial of service with no additional execution privileges needed.
CVE-2013-6954 1 Libpng 1 Libpng 2025-06-10 5.0 MEDIUM 6.5 MEDIUM
The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.
CVE-2024-31041 1 Emqx 1 Nanomq 2025-06-10 N/A 7.5 HIGH
Null Pointer Dereference vulnerability in topic_filtern function in mqtt_parser.c in NanoMQ 0.21.7 allows attackers to cause a denial of service.
CVE-2024-28458 1 Swftools 1 Swftools 2025-06-10 N/A 7.5 HIGH
Null Pointer Dereference vulnerability in swfdump in swftools 0.9.2 allows attackers to crash the appliation via the function compileSWFActionCode in action/actioncompiler.c.
CVE-2025-25217 1 Openatom 1 Openharmony 2025-06-09 N/A 3.3 LOW
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
CVE-2018-1000168 3 Debian, Nghttp2, Nodejs 3 Debian Linux, Nghttp2, Node.js 2025-06-09 5.0 MEDIUM 7.5 HIGH
nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1.