Common Weakness Enumeration

CWE-822

Allowed

Untrusted Pointer Dereference

Abstraction: Base · Status: Incomplete

The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.

380 vulnerabilities reference this CWE, most recent first.

GHSA-M3H3-GHPX-M4XP

Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30
VLAI
Details

PDF-XChange Editor EMF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of EMF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18766.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-27342"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-03T02:15:11Z",
    "severity": "HIGH"
  },
  "details": "PDF-XChange Editor EMF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of EMF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18766.",
  "id": "GHSA-m3h3-ghpx-m4xp",
  "modified": "2024-05-03T03:30:49Z",
  "published": "2024-05-03T03:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27342"
    },
    {
      "type": "WEB",
      "url": "https://www.tracker-software.com/product/pdf-xchange-editor/history"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-354"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M7R7-9V2W-RJCG

Vulnerability from github – Published: 2026-07-14 18:32 – Updated: 2026-07-14 18:32
VLAI
Details

Untrusted pointer dereference in Windows DirectX allows an authorized attacker to execute code locally.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-50382"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-14T18:17:39Z",
    "severity": "HIGH"
  },
  "details": "Untrusted pointer dereference in Windows DirectX allows an authorized attacker to execute code locally.",
  "id": "GHSA-m7r7-9v2w-rjcg",
  "modified": "2026-07-14T18:32:19Z",
  "published": "2026-07-14T18:32:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50382"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50382"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M8PR-X6WC-R486

Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2023-10-03 15:30
VLAI
Details

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.3.84 (package 16.6.3.134). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12691.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-31504"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-03T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.3.84 (package 16.6.3.134). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12691.",
  "id": "GHSA-m8pr-x6wc-r486",
  "modified": "2023-10-03T15:30:27Z",
  "published": "2022-05-24T19:09:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31504"
    },
    {
      "type": "WEB",
      "url": "https://www.cvedetails.com/vulnerability-list/vendor_id-2032/product_id-96672/Opentext-Brava-Desktop.html?page=1\u0026opec=1\u0026order=1\u0026trc=35\u0026sha=37f4ed0596f8ccacca7d571f22a38c97b0f19f4c"
    },
    {
      "type": "WEB",
      "url": "https://www.opentext.com/products/brava"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-646"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M972-QPP6-2R94

Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30
VLAI
Details

Ashlar-Vellum Cobalt CO File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17909.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-34301"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-03T02:15:31Z",
    "severity": "HIGH"
  },
  "details": "Ashlar-Vellum Cobalt CO File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17909.",
  "id": "GHSA-m972-qpp6-2r94",
  "modified": "2024-05-03T03:30:52Z",
  "published": "2024-05-03T03:30:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34301"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-861"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MCFJ-JV8P-VP64

Vulnerability from github – Published: 2022-05-24 19:05 – Updated: 2023-10-03 15:30
VLAI
Details

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12746.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-31500"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-15T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12746.",
  "id": "GHSA-mcfj-jv8p-vp64",
  "modified": "2023-10-03T15:30:27Z",
  "published": "2022-05-24T19:05:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31500"
    },
    {
      "type": "WEB",
      "url": "https://www.cvedetails.com/vulnerability-list/vendor_id-2032/product_id-96672/Opentext-Brava-Desktop.html?page=1\u0026opec=1\u0026order=1\u0026trc=35\u0026sha=37f4ed0596f8ccacca7d571f22a38c97b0f19f4c"
    },
    {
      "type": "WEB",
      "url": "https://www.opentext.com/products/brava"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-640"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MF5X-MV5H-4G8W

Vulnerability from github – Published: 2024-10-08 18:33 – Updated: 2024-10-08 18:33
VLAI
Details

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-43516"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-08T18:15:14Z",
    "severity": "HIGH"
  },
  "details": "Windows Secure Kernel Mode Elevation of Privilege Vulnerability",
  "id": "GHSA-mf5x-mv5h-4g8w",
  "modified": "2024-10-08T18:33:15Z",
  "published": "2024-10-08T18:33:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43516"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43516"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MFPJ-F925-V5GX

Vulnerability from github – Published: 2023-06-14 00:30 – Updated: 2025-10-22 00:32
VLAI
Details

Windows TPM Device Driver Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-29360"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-14T00:15:10Z",
    "severity": "HIGH"
  },
  "details": "Windows TPM Device Driver Elevation of Privilege Vulnerability",
  "id": "GHSA-mfpj-f925-v5gx",
  "modified": "2025-10-22T00:32:44Z",
  "published": "2023-06-14T00:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29360"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29360"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29360"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MHC8-F455-FQC9

Vulnerability from github – Published: 2024-09-10 18:30 – Updated: 2024-09-10 18:30
VLAI
Details

Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-37340"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-10T17:15:18Z",
    "severity": "HIGH"
  },
  "details": "Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability",
  "id": "GHSA-mhc8-f455-fqc9",
  "modified": "2024-09-10T18:30:45Z",
  "published": "2024-09-10T18:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37340"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37340"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MP8H-QMXP-C39W

Vulnerability from github – Published: 2022-05-05 00:00 – Updated: 2022-05-13 00:00
VLAI
Details

On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-20796"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-476",
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-04T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog.",
  "id": "GHSA-mp8h-qmxp-c39w",
  "modified": "2022-05-13T00:00:38Z",
  "published": "2022-05-05T00:00:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20796"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202310-01"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-vL9x58p4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MQGX-JHMV-PH2P

Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30
VLAI
Details

PDF-XChange Editor App Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the handling of App objects. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20729.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-40471"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-03T03:15:19Z",
    "severity": "HIGH"
  },
  "details": "PDF-XChange Editor App Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of App objects. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20729.",
  "id": "GHSA-mqgx-jhmv-ph2p",
  "modified": "2024-05-03T03:30:58Z",
  "published": "2024-05-03T03:30:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40471"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1150"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

CAPEC-129: Pointer Manipulation

This attack pattern involves an adversary manipulating a pointer within a target application resulting in the application accessing an unintended memory location. This can result in the crashing of the application or, for certain pointer values, access to data that would not normally be possible or the execution of arbitrary code. Since pointers are simply integer variables, Integer Attacks may often be used in Pointer Attacks.