CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
GHSA-M47C-XM2P-2V99
Vulnerability from github – Published: 2022-05-24 16:50 – Updated: 2024-04-04 01:17In Zeek Network Security Monitor (formerly known as Bro) before 2.6.2, a NULL pointer dereference in the Kerberos (aka KRB) protocol parser leads to DoS because a case-type index is mishandled.
{
"affected": [],
"aliases": [
"CVE-2019-12175"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-17T17:15:00Z",
"severity": "HIGH"
},
"details": "In Zeek Network Security Monitor (formerly known as Bro) before 2.6.2, a NULL pointer dereference in the Kerberos (aka KRB) protocol parser leads to DoS because a case-type index is mishandled.",
"id": "GHSA-m47c-xm2p-2v99",
"modified": "2024-04-04T01:17:20Z",
"published": "2022-05-24T16:50:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12175"
},
{
"type": "WEB",
"url": "https://github.com/zeek/zeek/releases/tag/v2.6.2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M4F7-QQQH-44M7
Vulnerability from github – Published: 2025-03-04 06:30 – Updated: 2025-03-04 06:30in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through through NULL pointer dereference.. This vulnerability can be exploited only in restricted scenarios.
{
"affected": [],
"aliases": [
"CVE-2025-21084"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-04T04:15:13Z",
"severity": "LOW"
},
"details": "in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through through NULL pointer dereference.. This vulnerability can be exploited only in restricted scenarios.",
"id": "GHSA-m4f7-qqqh-44m7",
"modified": "2025-03-04T06:30:33Z",
"published": "2025-03-04T06:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21084"
},
{
"type": "WEB",
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-03.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M4QH-6FF4-G5XX
Vulnerability from github – Published: 2022-05-17 02:33 – Updated: 2022-05-17 02:33The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a large number of crafted packets, which triggers a memory allocation failure.
{
"affected": [],
"aliases": [
"CVE-2016-4912"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-03-27T17:59:00Z",
"severity": "HIGH"
},
"details": "The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a large number of crafted packets, which triggers a memory allocation failure.",
"id": "GHSA-m4qh-6ff4-g5xx",
"modified": "2022-05-17T02:33:13Z",
"published": "2022-05-17T02:33:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4912"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1329295"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201707-05"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/05/18/6"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1035916"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M4VF-R3XM-3QHJ
Vulnerability from github – Published: 2024-10-29 03:31 – Updated: 2025-11-04 00:31In the Linux kernel, the following vulnerability has been resolved:
pinctrl: apple: check devm_kasprintf() returned value
devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value.
Found by code review.
{
"affected": [],
"aliases": [
"CVE-2024-50069"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-29T01:15:04Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: apple: check devm_kasprintf() returned value\n\ndevm_kasprintf() can return a NULL pointer on failure but this returned\nvalue is not checked. Fix this lack and check the returned value.\n\nFound by code review.",
"id": "GHSA-m4vf-r3xm-3qhj",
"modified": "2025-11-04T00:31:51Z",
"published": "2024-10-29T03:31:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50069"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0a4d4dbef622ac8796a6665e0080da2685f9220a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4d2296fb7c80fdc9925d29a8e85d617cad08731a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/665a58fe663ac7a9ea618dc0b29881649324b116"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/fad940e2dd789155f99ecafa71a7baf6f96530bc"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M4W2-2J95-QX2Q
Vulnerability from github – Published: 2026-01-23 18:31 – Updated: 2026-07-14 15:31In the Linux kernel, the following vulnerability has been resolved:
net: mscc: ocelot: Fix crash when adding interface under a lag
Commit 15faa1f67ab4 ("lan966x: Fix crash when adding interface under a lag") fixed a similar issue in the lan966x driver caused by a NULL pointer dereference. The ocelot_set_aggr_pgids() function in the ocelot driver has similar logic and is susceptible to the same crash.
This issue specifically affects the ocelot_vsc7514.c frontend, which leaves unused ports as NULL pointers. The felix_vsc9959.c frontend is unaffected as it uses the DSA framework which registers all ports.
Fix this by checking if the port pointer is valid before accessing it.
{
"affected": [],
"aliases": [
"CVE-2026-22982"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-23T16:15:54Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mscc: ocelot: Fix crash when adding interface under a lag\n\nCommit 15faa1f67ab4 (\"lan966x: Fix crash when adding interface under a lag\")\nfixed a similar issue in the lan966x driver caused by a NULL pointer dereference.\nThe ocelot_set_aggr_pgids() function in the ocelot driver has similar logic\nand is susceptible to the same crash.\n\nThis issue specifically affects the ocelot_vsc7514.c frontend, which leaves\nunused ports as NULL pointers. The felix_vsc9959.c frontend is unaffected as\nit uses the DSA framework which registers all ports.\n\nFix this by checking if the port pointer is valid before accessing it.",
"id": "GHSA-m4w2-2j95-qx2q",
"modified": "2026-07-14T15:31:32Z",
"published": "2026-01-23T18:31:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22982"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-019113.html"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/03fb1708b7d1e76aecebf767ad059c319845039f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2985712dc76dfa670eb7fd607c09d4d48e5f5c6e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/34f3ff52cb9fa7dbf04f5c734fcc4cb6ed5d1a95"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8767f238b0e6c3d0b295ac6dce9fbe6a99bd1b9d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b17818307446c5a8d925a39a792261dbfa930041"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f490af47bbee02441e356a1e0b86e3b3dd5120ff"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M4WX-HVH8-H9R5
Vulnerability from github – Published: 2025-12-11 18:30 – Updated: 2025-12-11 18:30An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing dereference of invalid or released memory. This can lead to memory corruption, application crashes, and potentially allow an attacker to execute arbitrary code.
{
"affected": [],
"aliases": [
"CVE-2025-55312"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-11T16:16:25Z",
"severity": "HIGH"
},
"details": "An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing dereference of invalid or released memory. This can lead to memory corruption, application crashes, and potentially allow an attacker to execute arbitrary code.",
"id": "GHSA-m4wx-hvh8-h9r5",
"modified": "2025-12-11T18:30:44Z",
"published": "2025-12-11T18:30:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55312"
},
{
"type": "WEB",
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M4X7-W6VX-J9FM
Vulnerability from github – Published: 2023-05-09 18:30 – Updated: 2026-06-23 18:31NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531.
{
"affected": [],
"aliases": [
"CVE-2023-2609"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-09T18:15:14Z",
"severity": "HIGH"
},
"details": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531.",
"id": "GHSA-m4x7-w6vx-j9fm",
"modified": "2026-06-23T18:31:30Z",
"published": "2023-05-09T18:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2609"
},
{
"type": "WEB",
"url": "https://github.com/vim/vim/commit/d1ae8366aff286d41e7f5bc513cc0a1af5130aad"
},
{
"type": "WEB",
"url": "https://huntr.dev/bounties/1679be5a-565f-4a44-a430-836412a0b622"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PCLJN4QINITA3ZASKLEJ64C5TFNKELMO"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCLJN4QINITA3ZASKLEJ64C5TFNKELMO"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213844"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213845"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M4XJ-6X6X-XJ3H
Vulnerability from github – Published: 2025-08-29 18:30 – Updated: 2025-09-18 15:30A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later
{
"affected": [],
"aliases": [
"CVE-2025-29878"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-29T17:15:34Z",
"severity": "MODERATE"
},
"details": "A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following version:\nFile Station 5 5.5.6.4907 and later",
"id": "GHSA-m4xj-6x6x-xj3h",
"modified": "2025-09-18T15:30:23Z",
"published": "2025-08-29T18:30:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29878"
},
{
"type": "WEB",
"url": "https://www.qnap.com/en/security-advisory/qsa-25-19"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-M52J-G834-6Q2Q
Vulnerability from github – Published: 2026-04-22 12:30 – Updated: 2026-04-22 12:30An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service.
{
"affected": [],
"aliases": [
"CVE-2026-33600"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-22T10:16:52Z",
"severity": "MODERATE"
},
"details": "An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service.",
"id": "GHSA-m52j-g834-6q2q",
"modified": "2026-04-22T12:30:30Z",
"published": "2026-04-22T12:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33600"
},
{
"type": "WEB",
"url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M55F-QFCX-MX38
Vulnerability from github – Published: 2022-05-24 17:48 – Updated: 2022-05-24 17:48An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer dereference exists in the function AP4_StszAtom::GetSampleSize() located in Ap4StszAtom.cpp. It allows an attacker to cause Denial of Service.
{
"affected": [],
"aliases": [
"CVE-2020-23912"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-21T18:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer dereference exists in the function AP4_StszAtom::GetSampleSize() located in Ap4StszAtom.cpp. It allows an attacker to cause Denial of Service.",
"id": "GHSA-m55f-qfcx-mx38",
"modified": "2022-05-24T17:48:03Z",
"published": "2022-05-24T17:48:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-23912"
},
{
"type": "WEB",
"url": "https://github.com/axiomatic-systems/Bento4/issues/540"
}
],
"schema_version": "1.4.0",
"severity": []
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.