CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
CVE-2025-24515 (GCVE-0-2025-24515)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:59 – Updated: 2025-08-13 20:16- Denial of Service
- CWE-476 - NULL Pointer Dereference
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) Graphics Drivers |
Affected:
See references
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24515",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T18:04:13.854029Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T20:16:40.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Graphics Drivers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NULL pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:59:03.914Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01299.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01299.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-24515",
"datePublished": "2025-08-12T16:59:03.914Z",
"dateReserved": "2025-03-11T03:00:20.589Z",
"dateUpdated": "2025-08-13T20:16:40.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24483 (GCVE-0-2025-24483)
Vulnerability from cvelistv5 – Published: 2025-02-06 07:05 – Updated: 2025-02-12 19:51- CWE-476 - NULL pointer dereference
| Vendor | Product | Version | |
|---|---|---|---|
| Humming Heads Inc. | Defense Platform Home Edition |
Affected:
Ver.3.9.51.x and earlier
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24483",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-06T14:11:46.056172Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T19:51:10.698Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Defense Platform Home Edition",
"vendor": "Humming Heads Inc.",
"versions": [
{
"status": "affected",
"version": "Ver.3.9.51.x and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NULL pointer dereference vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker provides specially crafted data to the specific process of the Windows system where the product is running, the system may cause a Blue Screen of Death (BSOD), and as a result, cause a denial-of-service (DoS) condition."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL pointer dereference",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-06T07:05:56.408Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.hummingheads.co.jp/dep/storelist/"
},
{
"url": "https://jvn.jp/en/jp/JVN66673020/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-24483",
"datePublished": "2025-02-06T07:05:56.408Z",
"dateReserved": "2025-01-27T06:02:36.061Z",
"dateUpdated": "2025-02-12T19:51:10.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24031 (GCVE-0-2025-24031)
Vulnerability from cvelistv5 – Published: 2025-02-10 15:38 – Updated: 2025-02-10 15:50- CWE-476 - NULL Pointer Dereference
| URL | Tags |
|---|---|
| https://github.com/OpenSC/pam_pkcs11/security/adv… | x_refsource_CONFIRM |
| https://github.com/OpenSC/pam_pkcs11/blob/bb2e3f3… | x_refsource_MISC |
| https://github.com/OpenSC/pam_pkcs11/blob/bb2e3f3… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| OpenSC | pam_pkcs11 |
Affected:
<= 0.6.12
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24031",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-10T15:50:34.830337Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-10T15:50:52.981Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/OpenSC/pam_pkcs11/security/advisories/GHSA-wvr3-c9x3-9mff"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "pam_pkcs11",
"vendor": "OpenSC",
"versions": [
{
"status": "affected",
"version": "\u003c= 0.6.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. In versions 0.6.12 and prior, the pam_pkcs11 module segfaults when a user presses ctrl-c/ctrl-d when they are asked for a PIN. When a user enters no PIN at all, `pam_get_pwd` will never initialize the password buffer pointer and as such `cleanse` will try to dereference an uninitialized pointer. On my system this pointer happens to have the value 3 most of the time when running sudo and as such it will segfault. The most likely impact to a system affected by this issue is an availability impact due to a daemon that uses PAM crashing. As of time of publication, a patch for the issue is unavailable."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-10T15:38:39.876Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OpenSC/pam_pkcs11/security/advisories/GHSA-wvr3-c9x3-9mff",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenSC/pam_pkcs11/security/advisories/GHSA-wvr3-c9x3-9mff"
},
{
"name": "https://github.com/OpenSC/pam_pkcs11/blob/bb2e3f3a95e44fdf44b0d5a4b377db3179021380/src/pam_pkcs11/pam_pkcs11.c#L211",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenSC/pam_pkcs11/blob/bb2e3f3a95e44fdf44b0d5a4b377db3179021380/src/pam_pkcs11/pam_pkcs11.c#L211"
},
{
"name": "https://github.com/OpenSC/pam_pkcs11/blob/bb2e3f3a95e44fdf44b0d5a4b377db3179021380/src/pam_pkcs11/pam_pkcs11.c#L797",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenSC/pam_pkcs11/blob/bb2e3f3a95e44fdf44b0d5a4b377db3179021380/src/pam_pkcs11/pam_pkcs11.c#L797"
}
],
"source": {
"advisory": "GHSA-wvr3-c9x3-9mff",
"discovery": "UNKNOWN"
},
"title": "PAM-PKCS#11 vulnerable to segmentation fault on ctrl-c/ctrl-d when asked for PIN"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-24031",
"datePublished": "2025-02-10T15:38:39.876Z",
"dateReserved": "2025-01-16T17:31:06.460Z",
"dateUpdated": "2025-02-10T15:50:52.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-23346 (GCVE-0-2025-23346)
Vulnerability from cvelistv5 – Published: 2025-09-24 13:13 – Updated: 2025-09-24 14:04- CWE-476 - NULL Pointer Dereference
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | NVIDIA CUDA Toolkit |
Affected:
All versions prior to CUDA Toolkit 13.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-23346",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-24T14:01:06.295500Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-24T14:04:19.650Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux"
],
"product": "NVIDIA CUDA Toolkit",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to CUDA Toolkit 13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a NULL pointer dereference. A successful exploit of this vulnerability may lead to a limited denial of service."
}
],
"value": "NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a NULL pointer dereference. A successful exploit of this vulnerability may lead to a limited denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of Service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-24T13:13:26.205Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23346"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23346"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5661"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2025-23346",
"datePublished": "2025-09-24T13:13:26.205Z",
"dateReserved": "2025-01-14T01:07:21.737Z",
"dateUpdated": "2025-09-24T14:04:19.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-23332 (GCVE-0-2025-23332)
Vulnerability from cvelistv5 – Published: 2025-10-23 18:25 – Updated: 2025-10-23 19:03- CWE-476 - NULL Pointer Dereference
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | Virtual GPU Manager |
Affected:
580.82.02(All versions prior to and including vGPU 19.1)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
570.172.07(All versions prior to and including vGPU 18.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.261.04(All versions prior to and including vGPU 16.11)
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.95.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 570.195.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.274.02
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.95.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 570.195.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.274.02
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.95.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 570.195.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.274.02
|
|
| NVIDIA | Guest driver |
Affected:
580.82.07(All versions prior to and including vGPU 19.1)
|
|
| NVIDIA | Guest driver |
Affected:
580.82.07(All versions up to and including the August 2025 release)
|
|
| NVIDIA | Guest driver |
Affected:
570.172.08(All versions prior to and including vGPU 18.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.261.03(All versions prior to and including vGPU 16.11)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-23332",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T19:03:01.656766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T19:03:08.876Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.82.02(All versions prior to and including vGPU 19.1)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R570 vGPU 18)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "570.172.07(All versions prior to and including vGPU 18.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R535 vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.261.04(All versions prior to and including vGPU 16.11)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.95.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.195.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.274.02"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.95.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.195.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.274.02"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.95.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.195.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.274.02"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.82.07(All versions prior to and including vGPU 19.1)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.82.07(All versions up to and including the August 2025 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570 vGPU 18)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "570.172.08(All versions prior to and including vGPU 18.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.261.03(All versions prior to and including vGPU 16.11)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deference. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deference. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of Service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T18:25:26.798Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23332"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23332"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5703"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2025-23332",
"datePublished": "2025-10-23T18:25:26.798Z",
"dateReserved": "2025-01-14T01:07:19.939Z",
"dateUpdated": "2025-10-23T19:03:08.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-23330 (GCVE-0-2025-23330)
Vulnerability from cvelistv5 – Published: 2025-10-23 18:25 – Updated: 2025-10-23 19:03- CWE-476 - NULL Pointer Dereference
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.95.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 570.195.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.274.02
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.95.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 570.195.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.274.02
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.95.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 570.195.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.274.02
|
|
| NVIDIA | Guest driver |
Affected:
580.82.07(All versions prior to and including vGPU 19.1)
|
|
| NVIDIA | Guest driver |
Affected:
580.82.07(All versions up to and including the August 2025 release)
|
|
| NVIDIA | Guest driver |
Affected:
570.172.08(All versions prior to and including vGPU 18.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.261.03(All versions prior to and including vGPU 16.11)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-23330",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T19:03:23.635345Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T19:03:31.405Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.95.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.195.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.274.02"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.95.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.195.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.274.02"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.95.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.195.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.274.02"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.82.07(All versions prior to and including vGPU 19.1)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.82.07(All versions up to and including the August 2025 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570 vGPU 18)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "570.172.08(All versions prior to and including vGPU 18.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.261.03(All versions prior to and including vGPU 16.11)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to trigger a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to trigger a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of Service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T18:25:00.760Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23330"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23330"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5703"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2025-23330",
"datePublished": "2025-10-23T18:25:00.760Z",
"dateReserved": "2025-01-14T01:06:31.095Z",
"dateUpdated": "2025-10-23T19:03:31.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-23300 (GCVE-0-2025-23300)
Vulnerability from cvelistv5 – Published: 2025-10-23 18:24 – Updated: 2025-10-23 19:05- CWE-476 - NULL Pointer Dereference
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | Virtual GPU Manager |
Affected:
580.82.02(All versions up to and including the August 2025 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.82.02(All versions prior to and including vGPU 19.1)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
570.172.07(All versions prior to and including vGPU 18.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.261.04(All versions prior to and including vGPU 16.11)
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.95.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 570.195.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.274.02
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.95.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 570.195.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.274.02
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.95.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 570.195.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.274.02
|
|
| NVIDIA | Guest driver |
Affected:
580.82.07(All versions prior to and including vGPU 19.1)
|
|
| NVIDIA | Guest driver |
Affected:
580.82.07(All versions up to and including the August 2025 release)
|
|
| NVIDIA | Guest driver |
Affected:
570.172.08(All versions prior to and including vGPU 18.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.261.03(All versions prior to and including vGPU 16.11)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-23300",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T19:05:05.917928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T19:05:17.293Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(R580 Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.82.02(All versions up to and including the August 2025 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.82.02(All versions prior to and including vGPU 19.1)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R570 vGPU 18)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "570.172.07(All versions prior to and including vGPU 18.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R535 vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.261.04(All versions prior to and including vGPU 16.11)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.95.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.195.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.274.02"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.95.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.195.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.274.02"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.95.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.195.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.274.02"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.82.07(All versions prior to and including vGPU 19.1)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.82.07(All versions up to and including the August 2025 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570 vGPU 18)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "570.172.08(All versions prior to and including vGPU 18.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.261.03(All versions prior to and including vGPU 16.11)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in the kernel driver, where a user could cause a null pointer dereference by allocating a specific memory resource. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in the kernel driver, where a user could cause a null pointer dereference by allocating a specific memory resource. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of Service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T18:24:21.817Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23300"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23300"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5703"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2025-23300",
"datePublished": "2025-10-23T18:24:21.817Z",
"dateReserved": "2025-01-14T01:06:26.350Z",
"dateUpdated": "2025-10-23T19:05:17.293Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22837 (GCVE-0-2025-22837)
Vulnerability from cvelistv5 – Published: 2025-03-04 03:44 – Updated: 2025-03-04 14:23- CWE-476 - NULL Pointer Dereference
| Vendor | Product | Version | |
|---|---|---|---|
| OpenHarmony | OpenHarmony |
Affected:
v4.1.0 , ≤ v5.0.2
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22837",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-04T14:23:10.999688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-04T14:23:25.615Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenHarmony",
"vendor": "OpenHarmony",
"versions": [
{
"lessThanOrEqual": "v5.0.2",
"status": "affected",
"version": "v4.1.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference."
}
],
"value": "in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-04T03:44:40.887Z",
"orgId": "0cf5dd6e-1214-4398-a481-30441e48fafd",
"shortName": "OpenHarmony"
},
"references": [
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-03.md"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arkcompiler Ets Runtime has a NULL pointer dereference vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cf5dd6e-1214-4398-a481-30441e48fafd",
"assignerShortName": "OpenHarmony",
"cveId": "CVE-2025-22837",
"datePublished": "2025-03-04T03:44:40.887Z",
"dateReserved": "2025-01-20T02:01:05.647Z",
"dateUpdated": "2025-03-04T14:23:25.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22490 (GCVE-0-2025-22490)
Vulnerability from cvelistv5 – Published: 2025-06-06 15:52 – Updated: 2025-06-06 16:36| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | File Station 5 |
Affected:
5.5.x , < 5.5.6.4847
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22490",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-06T16:19:48.903679Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T16:36:05.104Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "File Station 5",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.5.6.4847",
"status": "affected",
"version": "5.5.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "coral"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eFile Station 5 5.5.6.4847 and later\u003cbr\u003e"
}
],
"value": "A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following version:\nFile Station 5 5.5.6.4847 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-129",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-129"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T15:52:54.760Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-25-16"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eFile Station 5 5.5.6.4847 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nFile Station 5 5.5.6.4847 and later"
}
],
"source": {
"advisory": "QSA-25-16",
"discovery": "EXTERNAL"
},
"title": "File Station 5",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2025-22490",
"datePublished": "2025-06-06T15:52:54.760Z",
"dateReserved": "2025-01-07T06:55:33.250Z",
"dateUpdated": "2025-06-06T16:36:05.104Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-21433 (GCVE-0-2025-21433)
Vulnerability from cvelistv5 – Published: 2025-07-08 12:48 – Updated: 2025-07-08 16:10- CWE-476 - NULL Pointer Dereference
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
APQ8017
Affected: APQ8037 Affected: AQT1000 Affected: AR8035 Affected: CSRA6620 Affected: CSRA6640 Affected: FastConnect 6200 Affected: FastConnect 6700 Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: Flight RB5 5G Platform Affected: Home Hub 100 Platform Affected: PM8937 Affected: QAM8255P Affected: QAM8295P Affected: QAM8620P Affected: QAM8650P Affected: QAM8775P Affected: QAMSRV1H Affected: QAMSRV1M Affected: QCA6174A Affected: QCA6391 Affected: QCA6420 Affected: QCA6421 Affected: QCA6426 Affected: QCA6430 Affected: QCA6431 Affected: QCA6436 Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6584AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6678AQ Affected: QCA6688AQ Affected: QCA6696 Affected: QCA6698AQ Affected: QCA6698AU Affected: QCA6797AQ Affected: QCA8081 Affected: QCA8337 Affected: QCA9379 Affected: QCC710 Affected: QCM2150 Affected: QCM2290 Affected: QCM4290 Affected: QCM4325 Affected: QCM4490 Affected: QCM5430 Affected: QCM6125 Affected: QCM6490 Affected: QCM8550 Affected: QCN6024 Affected: QCN6224 Affected: QCN6274 Affected: QCN7606 Affected: QCN9011 Affected: QCN9012 Affected: QCN9024 Affected: QCN9274 Affected: QCS2290 Affected: QCS4290 Affected: QCS4490 Affected: QCS5430 Affected: QCS6125 Affected: QCS615 Affected: QCS6490 Affected: QCS7230 Affected: QCS8250 Affected: QCS8300 Affected: QCS8550 Affected: QCS9100 Affected: QDU1000 Affected: QDU1010 Affected: QDU1110 Affected: QDU1210 Affected: QDX1010 Affected: QDX1011 Affected: QEP8111 Affected: QFW7114 Affected: QFW7124 Affected: QMP1000 Affected: QRB5165M Affected: QRB5165N Affected: QRU1032 Affected: QRU1052 Affected: QRU1062 Affected: QSM8350 Affected: Qualcomm 215 Mobile Platform Affected: Qualcomm Video Collaboration VC1 Platform Affected: Qualcomm Video Collaboration VC3 Platform Affected: Qualcomm Video Collaboration VC5 Platform Affected: Robotics RB2 Platform Affected: Robotics RB5 Platform Affected: SA4150P Affected: SA4155P Affected: SA6145P Affected: SA6150P Affected: SA6155 Affected: SA6155P Affected: SA7255P Affected: SA7775P Affected: SA8145P Affected: SA8150P Affected: SA8155 Affected: SA8155P Affected: SA8195P Affected: SA8255P Affected: SA8295P Affected: SA8530P Affected: SA8540P Affected: SA8620P Affected: SA8650P Affected: SA8770P Affected: SA8775P Affected: SA9000P Affected: SC8380XP Affected: SD 8 Gen1 5G Affected: SD626 Affected: SD670 Affected: SD730 Affected: SD855 Affected: SD865 5G Affected: SD888 Affected: SDM429W Affected: SDX61 Affected: SG4150P Affected: SG8275P Affected: SM4125 Affected: SM4635 Affected: SM6250 Affected: SM6370 Affected: SM6650 Affected: SM6650P Affected: SM7250P Affected: SM7315 Affected: SM7325P Affected: SM7635 Affected: SM7635P Affected: SM7675 Affected: SM7675P Affected: SM8550P Affected: SM8635 Affected: SM8635P Affected: SM8650Q Affected: SM8735 Affected: SM8750 Affected: SM8750P Affected: Smart Audio 400 Platform Affected: Smart Display 200 Platform (APQ5053-AA) Affected: Snapdragon 4 Gen 1 Mobile Platform Affected: Snapdragon 4 Gen 2 Mobile Platform Affected: Snapdragon 425 Mobile Platform Affected: Snapdragon 427 Mobile Platform Affected: Snapdragon 429 Mobile Platform Affected: Snapdragon 430 Mobile Platform Affected: Snapdragon 435 Mobile Platform Affected: Snapdragon 439 Mobile Platform Affected: Snapdragon 450 Mobile Platform Affected: Snapdragon 460 Mobile Platform Affected: Snapdragon 480 5G Mobile Platform Affected: Snapdragon 480+ 5G Mobile Platform (SM4350-AC) Affected: Snapdragon 625 Mobile Platform Affected: Snapdragon 626 Mobile Platform Affected: Snapdragon 632 Mobile Platform Affected: Snapdragon 662 Mobile Platform Affected: Snapdragon 665 Mobile Platform Affected: Snapdragon 670 Mobile Platform Affected: Snapdragon 675 Mobile Platform Affected: Snapdragon 678 Mobile Platform (SM6150-AC) Affected: Snapdragon 680 4G Mobile Platform Affected: Snapdragon 685 4G Mobile Platform (SM6225-AD) Affected: Snapdragon 690 5G Mobile Platform Affected: Snapdragon 695 5G Mobile Platform Affected: Snapdragon 710 Mobile Platform Affected: Snapdragon 720G Mobile Platform Affected: Snapdragon 730 Mobile Platform (SM7150-AA) Affected: Snapdragon 730G Mobile Platform (SM7150-AB) Affected: Snapdragon 732G Mobile Platform (SM7150-AC) Affected: Snapdragon 750G 5G Mobile Platform Affected: Snapdragon 765 5G Mobile Platform (SM7250-AA) Affected: Snapdragon 765G 5G Mobile Platform (SM7250-AB) Affected: Snapdragon 768G 5G Mobile Platform (SM7250-AC) Affected: Snapdragon 778G 5G Mobile Platform Affected: Snapdragon 778G+ 5G Mobile Platform (SM7325-AE) Affected: Snapdragon 780G 5G Mobile Platform Affected: Snapdragon 782G Mobile Platform (SM7325-AF) Affected: Snapdragon 7c+ Gen 3 Compute Affected: Snapdragon 8 Gen 1 Mobile Platform Affected: Snapdragon 8 Gen 2 Mobile Platform Affected: Snapdragon 8 Gen 3 Mobile Platform Affected: Snapdragon 8+ Gen 1 Mobile Platform Affected: Snapdragon 8+ Gen 2 Mobile Platform Affected: Snapdragon 855 Mobile Platform Affected: Snapdragon 855+/860 Mobile Platform (SM8150-AC) Affected: Snapdragon 865 5G Mobile Platform Affected: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Affected: Snapdragon 870 5G Mobile Platform (SM8250-AC) Affected: Snapdragon 888 5G Mobile Platform Affected: Snapdragon 888+ 5G Mobile Platform (SM8350-AC) Affected: Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB) Affected: Snapdragon AR1 Gen 1 Platform Affected: Snapdragon AR1 Gen 1 Platform "Luna1" Affected: Snapdragon AR2 Gen 1 Platform Affected: Snapdragon Auto 5G Modem-RF Gen 2 Affected: Snapdragon W5+ Gen 1 Wearable Platform Affected: Snapdragon X32 5G Modem-RF System Affected: Snapdragon X35 5G Modem-RF System Affected: Snapdragon X50 5G Modem-RF System Affected: Snapdragon X55 5G Modem-RF System Affected: Snapdragon X62 5G Modem-RF System Affected: Snapdragon X65 5G Modem-RF System Affected: Snapdragon X72 5G Modem-RF System Affected: Snapdragon X75 5G Modem-RF System Affected: Snapdragon XR1 Platform Affected: Snapdragon XR2 5G Platform Affected: Snapdragon XR2+ Gen 1 Platform Affected: SRV1H Affected: SRV1L Affected: SRV1M Affected: SSG2115P Affected: SSG2125P Affected: SW5100 Affected: SW5100P Affected: SXR1120 Affected: SXR1230P Affected: SXR2130 Affected: SXR2230P Affected: SXR2250P Affected: SXR2330P Affected: TalynPlus Affected: Vision Intelligence 100 Platform (APQ8053-AA) Affected: Vision Intelligence 200 Platform (APQ8053-AC) Affected: WCD9326 Affected: WCD9335 Affected: WCD9340 Affected: WCD9341 Affected: WCD9370 Affected: WCD9375 Affected: WCD9378 Affected: WCD9380 Affected: WCD9385 Affected: WCD9390 Affected: WCD9395 Affected: WCN3610 Affected: WCN3615 Affected: WCN3620 Affected: WCN3660 Affected: WCN3660B Affected: WCN3680 Affected: WCN3680B Affected: WCN3910 Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WCN3990 Affected: WCN6450 Affected: WCN6650 Affected: WCN6740 Affected: WCN6755 Affected: WCN7750 Affected: WCN7860 Affected: WCN7861 Affected: WCN7880 Affected: WCN7881 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-21433",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T14:24:55.998338Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T16:10:56.037Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Auto",
"Snapdragon CCW",
"Snapdragon Compute",
"Snapdragon Consumer IOT",
"Snapdragon Industrial IOT",
"Snapdragon IoT",
"Snapdragon Mobile",
"Snapdragon Technology",
"Snapdragon Voice \u0026 Music",
"Snapdragon WBC",
"Snapdragon Wearables"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "APQ8017"
},
{
"status": "affected",
"version": "APQ8037"
},
{
"status": "affected",
"version": "AQT1000"
},
{
"status": "affected",
"version": "AR8035"
},
{
"status": "affected",
"version": "CSRA6620"
},
{
"status": "affected",
"version": "CSRA6640"
},
{
"status": "affected",
"version": "FastConnect 6200"
},
{
"status": "affected",
"version": "FastConnect 6700"
},
{
"status": "affected",
"version": "FastConnect 6800"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "Flight RB5 5G Platform"
},
{
"status": "affected",
"version": "Home Hub 100 Platform"
},
{
"status": "affected",
"version": "PM8937"
},
{
"status": "affected",
"version": "QAM8255P"
},
{
"status": "affected",
"version": "QAM8295P"
},
{
"status": "affected",
"version": "QAM8620P"
},
{
"status": "affected",
"version": "QAM8650P"
},
{
"status": "affected",
"version": "QAM8775P"
},
{
"status": "affected",
"version": "QAMSRV1H"
},
{
"status": "affected",
"version": "QAMSRV1M"
},
{
"status": "affected",
"version": "QCA6174A"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6420"
},
{
"status": "affected",
"version": "QCA6421"
},
{
"status": "affected",
"version": "QCA6426"
},
{
"status": "affected",
"version": "QCA6430"
},
{
"status": "affected",
"version": "QCA6431"
},
{
"status": "affected",
"version": "QCA6436"
},
{
"status": "affected",
"version": "QCA6574"
},
{
"status": "affected",
"version": "QCA6574A"
},
{
"status": "affected",
"version": "QCA6574AU"
},
{
"status": "affected",
"version": "QCA6584AU"
},
{
"status": "affected",
"version": "QCA6595"
},
{
"status": "affected",
"version": "QCA6595AU"
},
{
"status": "affected",
"version": "QCA6678AQ"
},
{
"status": "affected",
"version": "QCA6688AQ"
},
{
"status": "affected",
"version": "QCA6696"
},
{
"status": "affected",
"version": "QCA6698AQ"
},
{
"status": "affected",
"version": "QCA6698AU"
},
{
"status": "affected",
"version": "QCA6797AQ"
},
{
"status": "affected",
"version": "QCA8081"
},
{
"status": "affected",
"version": "QCA8337"
},
{
"status": "affected",
"version": "QCA9379"
},
{
"status": "affected",
"version": "QCC710"
},
{
"status": "affected",
"version": "QCM2150"
},
{
"status": "affected",
"version": "QCM2290"
},
{
"status": "affected",
"version": "QCM4290"
},
{
"status": "affected",
"version": "QCM4325"
},
{
"status": "affected",
"version": "QCM4490"
},
{
"status": "affected",
"version": "QCM5430"
},
{
"status": "affected",
"version": "QCM6125"
},
{
"status": "affected",
"version": "QCM6490"
},
{
"status": "affected",
"version": "QCM8550"
},
{
"status": "affected",
"version": "QCN6024"
},
{
"status": "affected",
"version": "QCN6224"
},
{
"status": "affected",
"version": "QCN6274"
},
{
"status": "affected",
"version": "QCN7606"
},
{
"status": "affected",
"version": "QCN9011"
},
{
"status": "affected",
"version": "QCN9012"
},
{
"status": "affected",
"version": "QCN9024"
},
{
"status": "affected",
"version": "QCN9274"
},
{
"status": "affected",
"version": "QCS2290"
},
{
"status": "affected",
"version": "QCS4290"
},
{
"status": "affected",
"version": "QCS4490"
},
{
"status": "affected",
"version": "QCS5430"
},
{
"status": "affected",
"version": "QCS6125"
},
{
"status": "affected",
"version": "QCS615"
},
{
"status": "affected",
"version": "QCS6490"
},
{
"status": "affected",
"version": "QCS7230"
},
{
"status": "affected",
"version": "QCS8250"
},
{
"status": "affected",
"version": "QCS8300"
},
{
"status": "affected",
"version": "QCS8550"
},
{
"status": "affected",
"version": "QCS9100"
},
{
"status": "affected",
"version": "QDU1000"
},
{
"status": "affected",
"version": "QDU1010"
},
{
"status": "affected",
"version": "QDU1110"
},
{
"status": "affected",
"version": "QDU1210"
},
{
"status": "affected",
"version": "QDX1010"
},
{
"status": "affected",
"version": "QDX1011"
},
{
"status": "affected",
"version": "QEP8111"
},
{
"status": "affected",
"version": "QFW7114"
},
{
"status": "affected",
"version": "QFW7124"
},
{
"status": "affected",
"version": "QMP1000"
},
{
"status": "affected",
"version": "QRB5165M"
},
{
"status": "affected",
"version": "QRB5165N"
},
{
"status": "affected",
"version": "QRU1032"
},
{
"status": "affected",
"version": "QRU1052"
},
{
"status": "affected",
"version": "QRU1062"
},
{
"status": "affected",
"version": "QSM8350"
},
{
"status": "affected",
"version": "Qualcomm 215 Mobile Platform"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC1 Platform"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC3 Platform"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC5 Platform"
},
{
"status": "affected",
"version": "Robotics RB2 Platform"
},
{
"status": "affected",
"version": "Robotics RB5 Platform"
},
{
"status": "affected",
"version": "SA4150P"
},
{
"status": "affected",
"version": "SA4155P"
},
{
"status": "affected",
"version": "SA6145P"
},
{
"status": "affected",
"version": "SA6150P"
},
{
"status": "affected",
"version": "SA6155"
},
{
"status": "affected",
"version": "SA6155P"
},
{
"status": "affected",
"version": "SA7255P"
},
{
"status": "affected",
"version": "SA7775P"
},
{
"status": "affected",
"version": "SA8145P"
},
{
"status": "affected",
"version": "SA8150P"
},
{
"status": "affected",
"version": "SA8155"
},
{
"status": "affected",
"version": "SA8155P"
},
{
"status": "affected",
"version": "SA8195P"
},
{
"status": "affected",
"version": "SA8255P"
},
{
"status": "affected",
"version": "SA8295P"
},
{
"status": "affected",
"version": "SA8530P"
},
{
"status": "affected",
"version": "SA8540P"
},
{
"status": "affected",
"version": "SA8620P"
},
{
"status": "affected",
"version": "SA8650P"
},
{
"status": "affected",
"version": "SA8770P"
},
{
"status": "affected",
"version": "SA8775P"
},
{
"status": "affected",
"version": "SA9000P"
},
{
"status": "affected",
"version": "SC8380XP"
},
{
"status": "affected",
"version": "SD 8 Gen1 5G"
},
{
"status": "affected",
"version": "SD626"
},
{
"status": "affected",
"version": "SD670"
},
{
"status": "affected",
"version": "SD730"
},
{
"status": "affected",
"version": "SD855"
},
{
"status": "affected",
"version": "SD865 5G"
},
{
"status": "affected",
"version": "SD888"
},
{
"status": "affected",
"version": "SDM429W"
},
{
"status": "affected",
"version": "SDX61"
},
{
"status": "affected",
"version": "SG4150P"
},
{
"status": "affected",
"version": "SG8275P"
},
{
"status": "affected",
"version": "SM4125"
},
{
"status": "affected",
"version": "SM4635"
},
{
"status": "affected",
"version": "SM6250"
},
{
"status": "affected",
"version": "SM6370"
},
{
"status": "affected",
"version": "SM6650"
},
{
"status": "affected",
"version": "SM6650P"
},
{
"status": "affected",
"version": "SM7250P"
},
{
"status": "affected",
"version": "SM7315"
},
{
"status": "affected",
"version": "SM7325P"
},
{
"status": "affected",
"version": "SM7635"
},
{
"status": "affected",
"version": "SM7635P"
},
{
"status": "affected",
"version": "SM7675"
},
{
"status": "affected",
"version": "SM7675P"
},
{
"status": "affected",
"version": "SM8550P"
},
{
"status": "affected",
"version": "SM8635"
},
{
"status": "affected",
"version": "SM8635P"
},
{
"status": "affected",
"version": "SM8650Q"
},
{
"status": "affected",
"version": "SM8735"
},
{
"status": "affected",
"version": "SM8750"
},
{
"status": "affected",
"version": "SM8750P"
},
{
"status": "affected",
"version": "Smart Audio 400 Platform"
},
{
"status": "affected",
"version": "Smart Display 200 Platform (APQ5053-AA)"
},
{
"status": "affected",
"version": "Snapdragon 4 Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 4 Gen 2 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 425 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 427 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 429 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 430 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 435 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 439 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 450 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 460 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 480 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)"
},
{
"status": "affected",
"version": "Snapdragon 625 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 626 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 632 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 662 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 665 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 670 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 675 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 678 Mobile Platform (SM6150-AC)"
},
{
"status": "affected",
"version": "Snapdragon 680 4G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)"
},
{
"status": "affected",
"version": "Snapdragon 690 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 695 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 710 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 720G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 730 Mobile Platform (SM7150-AA)"
},
{
"status": "affected",
"version": "Snapdragon 730G Mobile Platform (SM7150-AB)"
},
{
"status": "affected",
"version": "Snapdragon 732G Mobile Platform (SM7150-AC)"
},
{
"status": "affected",
"version": "Snapdragon 750G 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)"
},
{
"status": "affected",
"version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)"
},
{
"status": "affected",
"version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)"
},
{
"status": "affected",
"version": "Snapdragon 778G 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)"
},
{
"status": "affected",
"version": "Snapdragon 780G 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 782G Mobile Platform (SM7325-AF)"
},
{
"status": "affected",
"version": "Snapdragon 7c+ Gen 3 Compute"
},
{
"status": "affected",
"version": "Snapdragon 8 Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8 Gen 2 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8 Gen 3 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8+ Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8+ Gen 2 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 855 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)"
},
{
"status": "affected",
"version": "Snapdragon 865 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
},
{
"status": "affected",
"version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
},
{
"status": "affected",
"version": "Snapdragon 888 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)"
},
{
"status": "affected",
"version": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)"
},
{
"status": "affected",
"version": "Snapdragon AR1 Gen 1 Platform"
},
{
"status": "affected",
"version": "Snapdragon AR1 Gen 1 Platform \"Luna1\""
},
{
"status": "affected",
"version": "Snapdragon AR2 Gen 1 Platform"
},
{
"status": "affected",
"version": "Snapdragon Auto 5G Modem-RF Gen 2"
},
{
"status": "affected",
"version": "Snapdragon W5+ Gen 1 Wearable Platform"
},
{
"status": "affected",
"version": "Snapdragon X32 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X35 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X50 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X55 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X62 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X65 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X72 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X75 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon XR1 Platform"
},
{
"status": "affected",
"version": "Snapdragon XR2 5G Platform"
},
{
"status": "affected",
"version": "Snapdragon XR2+ Gen 1 Platform"
},
{
"status": "affected",
"version": "SRV1H"
},
{
"status": "affected",
"version": "SRV1L"
},
{
"status": "affected",
"version": "SRV1M"
},
{
"status": "affected",
"version": "SSG2115P"
},
{
"status": "affected",
"version": "SSG2125P"
},
{
"status": "affected",
"version": "SW5100"
},
{
"status": "affected",
"version": "SW5100P"
},
{
"status": "affected",
"version": "SXR1120"
},
{
"status": "affected",
"version": "SXR1230P"
},
{
"status": "affected",
"version": "SXR2130"
},
{
"status": "affected",
"version": "SXR2230P"
},
{
"status": "affected",
"version": "SXR2250P"
},
{
"status": "affected",
"version": "SXR2330P"
},
{
"status": "affected",
"version": "TalynPlus"
},
{
"status": "affected",
"version": "Vision Intelligence 100 Platform (APQ8053-AA)"
},
{
"status": "affected",
"version": "Vision Intelligence 200 Platform (APQ8053-AC)"
},
{
"status": "affected",
"version": "WCD9326"
},
{
"status": "affected",
"version": "WCD9335"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9341"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9378"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCD9390"
},
{
"status": "affected",
"version": "WCD9395"
},
{
"status": "affected",
"version": "WCN3610"
},
{
"status": "affected",
"version": "WCN3615"
},
{
"status": "affected",
"version": "WCN3620"
},
{
"status": "affected",
"version": "WCN3660"
},
{
"status": "affected",
"version": "WCN3660B"
},
{
"status": "affected",
"version": "WCN3680"
},
{
"status": "affected",
"version": "WCN3680B"
},
{
"status": "affected",
"version": "WCN3910"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3980"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WCN3990"
},
{
"status": "affected",
"version": "WCN6450"
},
{
"status": "affected",
"version": "WCN6650"
},
{
"status": "affected",
"version": "WCN6740"
},
{
"status": "affected",
"version": "WCN6755"
},
{
"status": "affected",
"version": "WCN7750"
},
{
"status": "affected",
"version": "WCN7860"
},
{
"status": "affected",
"version": "WCN7861"
},
{
"status": "affected",
"version": "WCN7880"
},
{
"status": "affected",
"version": "WCN7881"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T12:48:52.630Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html"
}
],
"title": "NULL Pointer Dereference in SPS-HLOS"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2025-21433",
"datePublished": "2025-07-08T12:48:52.630Z",
"dateReserved": "2024-12-18T09:50:08.920Z",
"dateUpdated": "2025-07-08T16:10:56.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.