CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
GHSA-47JJ-2HP6-GRWW
Vulnerability from github – Published: 2022-05-14 01:14 – Updated: 2022-05-14 01:14racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.
{
"affected": [],
"aliases": [
"CVE-2015-4047"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2015-05-29T15:59:00Z",
"severity": "HIGH"
},
"details": "racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.",
"id": "GHSA-47jj-2hp6-grww",
"modified": "2022-05-14T01:14:55Z",
"published": "2022-05-14T01:14:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4047"
},
{
"type": "WEB",
"url": "https://support.f5.com/csp/article/K05013313"
},
{
"type": "WEB",
"url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2015/May/81"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2015/May/83"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2015/dsa-3272"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/74739"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1032397"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2623-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-47MC-X3RJ-X64V
Vulnerability from github – Published: 2022-05-24 17:18 – Updated: 2022-05-24 17:18parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure.
{
"affected": [],
"aliases": [
"CVE-2020-13649"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-05-28T15:15:00Z",
"severity": "MODERATE"
},
"details": "parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure.",
"id": "GHSA-47mc-x3rj-x64v",
"modified": "2022-05-24T17:18:48Z",
"published": "2022-05-24T17:18:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13649"
},
{
"type": "WEB",
"url": "https://github.com/jerryscript-project/jerryscript/issues/3786"
},
{
"type": "WEB",
"url": "https://github.com/jerryscript-project/jerryscript/issues/3788"
},
{
"type": "WEB",
"url": "https://github.com/jerryscript-project/jerryscript/commit/69f8e78c2f8d562bd6d8002b5488f1662ac30d24"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-47R9-WGG2-43FP
Vulnerability from github – Published: 2022-05-24 16:51 – Updated: 2024-04-04 01:22Null pointer dereference during secure application termination using specific application ids. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130
{
"affected": [],
"aliases": [
"CVE-2019-2236"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-25T17:15:00Z",
"severity": "MODERATE"
},
"details": "Null pointer dereference during secure application termination using specific application ids. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130",
"id": "GHSA-47r9-wgg2-43fp",
"modified": "2024-04-04T01:22:20Z",
"published": "2022-05-24T16:51:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2236"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-47V5-CR23-PW2C
Vulnerability from github – Published: 2024-07-29 18:30 – Updated: 2025-11-03 21:31In the Linux kernel, the following vulnerability has been resolved:
net: mana: Fix possible double free in error handling path
When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), callback function adev_release calls kfree(madev). We shouldn't call kfree(madev) again in the error handling path. Set 'madev' to NULL.
{
"affected": [],
"aliases": [
"CVE-2024-42069"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-29T16:15:06Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: Fix possible double free in error handling path\n\nWhen auxiliary_device_add() returns error and then calls\nauxiliary_device_uninit(), callback function adev_release\ncalls kfree(madev). We shouldn\u0027t call kfree(madev) again\nin the error handling path. Set \u0027madev\u0027 to NULL.",
"id": "GHSA-47v5-cr23-pw2c",
"modified": "2025-11-03T21:31:11Z",
"published": "2024-07-29T18:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42069"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1864b8224195d0e43ddb92a8151f54f6562090cc"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3243e64eb4d897c3eeb48b2a7221ab5a95e1282a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ed45c0a0b662079d4c0e518014cc148c753979b4"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-47WW-93V9-3CQ9
Vulnerability from github – Published: 2024-04-11 12:30 – Updated: 2024-04-11 12:30Animate versions 23.0.4, 24.0.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service. An attacker could leverage this vulnerability to cause a system crash, resulting in a denial of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2024-20794"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-11T11:15:47Z",
"severity": "MODERATE"
},
"details": "Animate versions 23.0.4, 24.0.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service. An attacker could leverage this vulnerability to cause a system crash, resulting in a denial of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-47ww-93v9-3cq9",
"modified": "2024-04-11T12:30:28Z",
"published": "2024-04-11T12:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20794"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/animate/apsb24-26.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4833-CGR8-3C9R
Vulnerability from github – Published: 2025-10-03 21:30 – Updated: 2025-10-08 21:30A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later
{
"affected": [],
"aliases": [
"CVE-2025-52424"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-03T19:15:45Z",
"severity": "MODERATE"
},
"details": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.6.3195 build 20250715 and later\nQuTS hero h5.2.6.3195 build 20250715 and later",
"id": "GHSA-4833-cgr8-3c9r",
"modified": "2025-10-08T21:30:24Z",
"published": "2025-10-03T21:30:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52424"
},
{
"type": "WEB",
"url": "https://www.qnap.com/en/security-advisory/qsa-25-36"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-4834-X9V4-H8M7
Vulnerability from github – Published: 2022-05-13 01:14 – Updated: 2022-05-13 01:14LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS.
{
"affected": [],
"aliases": [
"CVE-2018-20024"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-12-19T16:29:00Z",
"severity": "HIGH"
},
"details": "LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS.",
"id": "GHSA-4834-x9v4-h8m7",
"modified": "2022-05-13T01:14:07Z",
"published": "2022-05-13T01:14:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20024"
},
{
"type": "WEB",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-034-libvnc-null-pointer-dereference"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00017.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00033.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201908-05"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202006-06"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3877-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4547-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4547-2"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4587-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2019/dsa-4383"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4846-33HJ-W865
Vulnerability from github – Published: 2022-05-14 00:57 – Updated: 2025-04-20 03:43GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c.
{
"affected": [],
"aliases": [
"CVE-2017-13065"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-08-22T06:29:00Z",
"severity": "MODERATE"
},
"details": "GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c.",
"id": "GHSA-4846-33hj-w865",
"modified": "2025-04-20T03:43:44Z",
"published": "2022-05-14T00:57:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13065"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ"
},
{
"type": "WEB",
"url": "https://sourceforge.net/p/graphicsmagick/bugs/435"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4222-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4321"
},
{
"type": "WEB",
"url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4848-XC24-JJ88
Vulnerability from github – Published: 2022-05-14 01:43 – Updated: 2022-05-14 01:43An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference.
{
"affected": [],
"aliases": [
"CVE-2018-5812"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-12-07T22:29:00Z",
"severity": "MODERATE"
},
"details": "An error within the \"nikon_coolscan_load_raw()\" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference.",
"id": "GHSA-4848-xc24-jj88",
"modified": "2022-05-14T01:43:21Z",
"published": "2022-05-14T01:43:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5812"
},
{
"type": "WEB",
"url": "https://github.com/LibRaw/LibRaw/commit/fd6330292501983ac75fe4162275794b18445bd9"
},
{
"type": "WEB",
"url": "https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt"
},
{
"type": "WEB",
"url": "https://secuniaresearch.flexerasoftware.com/advisories/81800"
},
{
"type": "WEB",
"url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3838-1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-484W-4XHH-MHMF
Vulnerability from github – Published: 2022-05-14 01:05 – Updated: 2025-04-20 03:48The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer dereference.
{
"affected": [],
"aliases": [
"CVE-2017-15102"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-11-15T21:29:00Z",
"severity": "MODERATE"
},
"details": "The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer dereference.",
"id": "GHSA-484w-4xhh-mhmf",
"modified": "2025-04-20T03:48:30Z",
"published": "2022-05-14T01:05:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15102"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/2fae9e5a7babada041e2e161699ade2447a01989"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1505905"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3583-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3583-2"
},
{
"type": "WEB",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2fae9e5a7babada041e2e161699ade2447a01989"
},
{
"type": "WEB",
"url": "http://seclists.org/oss-sec/2017/q4/238"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/101790"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.