CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
GHSA-VCXC-WC98-2Q7W
Vulnerability from github – Published: 2026-07-08 00:37 – Updated: 2026-07-09 18:31A NULL pointer dereference in smooth_parse_stream_index() in src/media_tools/mpd.c in GPAC master HEAD before commit b35c61f104b85fbb16520ac2838d5d2ef70845b5 allows attackers to cause a denial of service
{
"affected": [],
"aliases": [
"CVE-2026-50810"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-07T23:16:54Z",
"severity": "MODERATE"
},
"details": "A NULL pointer dereference in smooth_parse_stream_index() in src/media_tools/mpd.c in GPAC master HEAD before commit b35c61f104b85fbb16520ac2838d5d2ef70845b5 allows attackers to cause a denial of service",
"id": "GHSA-vcxc-wc98-2q7w",
"modified": "2026-07-09T18:31:34Z",
"published": "2026-07-08T00:37:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50810"
},
{
"type": "WEB",
"url": "https://github.com/gpac/gpac/issues/3507"
},
{
"type": "WEB",
"url": "https://github.com/gpac/gpac/commit/b35c61f104b85fbb16520ac2838d5d2ef70845b5"
},
{
"type": "WEB",
"url": "https://gist.github.com/junius-sec/0c67bf67a268ff8861100bfc132e801c"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VF2J-2H9W-44V2
Vulnerability from github – Published: 2022-05-14 01:09 – Updated: 2022-05-14 01:09In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, asynchronous callbacks received a pointer to a callers local variable. Should the caller return early (e.g., timeout), the callback will dereference an invalid pointer.
{
"affected": [],
"aliases": [
"CVE-2018-11904"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-09-19T14:29:00Z",
"severity": "HIGH"
},
"details": "In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, asynchronous callbacks received a pointer to a callers local variable. Should the caller return early (e.g., timeout), the callback will dereference an invalid pointer.",
"id": "GHSA-vf2j-2h9w-44v2",
"modified": "2022-05-14T01:09:26Z",
"published": "2022-05-14T01:09:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11904"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la//platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=0a755b400876ab4d58151e98462d3fa8fe099f61"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=00022c12e0cad8b735f94d6ee3785a557b4a3df2"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=3815e870ef906409af4a228f66d9400081227b75"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=667b3108d10e9580bf9f6d337c759dc88a1a0bdc"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=731ebf70a25ab2cdc32d2626dcebe60fe3b09481"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=85ea1c126b05f133206cd9c6d8d9fbf137d81d27"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=8ee65e3c9addab1d3c15ba013401f5698fb73594"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=9a8f1aeb8055de80137e769fae637cd480495509"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=a009a84d04bfac2a5c01101f38a70d216960fac0"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=a4b4267f94802e0a4d93999649710bbf340796d5"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=be70d02f12cb9a71a9b07b601f0efafc99718ec9"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=ebf1042efb9bd4517cd09a543bb4e3a164de8771"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=ec9896d0bc7521bbbe6dc28a198635dc281e7358"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=f9f86fd07af5606d0cb74c3eca5b2cbfda509345"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?h=wlan-cld2.driver.lnx.1.0.r21-rel\u0026id=391d37818aaa8038a06662075dd8893501452931"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=106f5c62b01b5a212bb53d13e3a3e70db2baedee"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=174c053d1aa1bf5395647e3927d718255f3cbe75"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=17f6fbb4b52a6acdd831ebaffdac9bbc88d2f423"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=191f02a7ec2a4cccaebbdac8d36897e1ae125244"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=335ae3f8b353b6c7260eacb6aa706bb30f8a6bdc"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=3ea5197d268c6f4ed08fb866b587349f7049c6d5"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=4aa30844e28eb4b410f86d97e970a39fcdfd797d"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=4abed07fd2380b6073f5cc9f2a701773e914f86f"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=54e7d8fa44202a8528ef33d85381bca63d7749a5"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=57a5e1f62cd3230fd046b199eee902507100e18c"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=78a681f9d0d8e9843223dc42d02443e911b196a1"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=846f561170f0f4f6345d6b0ce1c35bf7059126cb"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=8dc81c98ed72c99983660d5b94c2c8283bc1ff7f"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9048145ff167fb8f9f8d2a9845ee1d1b45c4884c"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=99c0ddb04e8de0b8139778c7fb77b1957d113769"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9e040e43da5fe987747e16b305d7adf66977420f"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=a978afb1838273e0d7a7ec86dd8bc9db85dff49d"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=b98f8aafb23cbc8e883870bcc9dac165b3d75ae6"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=d42e72aa69a02531396b5a37cadebf927a757aa6"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=eb72224cc57092448663fecc2c9bfa0f775eb770"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=fb2f07b3b0d637a403bb891c57e76b6345a92cf0"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=002cb97a955832197f3ceebfa8b32bd12b946151"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=0c5a2ba407f23efd89cac6dc45e2ab9bdba3ada1"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=17275491f327909b32945ec1f465968021d22a7f"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=239aba9a1a4a474d86bde9cb67bfb1b2d6379a7c"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=7af334bfc3375c9f85a330b84db17c0db1d6dade"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=9ab5a5a0b63075cfd095ed6bcf506b4704c523e1"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a544494791b6307a2fe52fa282768083deb8a317"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a6ace5b9ea34f22b136a35248087efc2ceb35fd4"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=c13bdf105aa20559d2d783508051ad2dd3cfa65b"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=dd9ae2971b493909879cc2fd0fa97d12e1560762"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=dda167ca8104de77f46fd29c66f66f807c63b309"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=ee9797fbefb45eee88c92420a24cda838cff6b45"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=f11eeadd214e081a824f30aec5cb52d390ef576c"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=f7ee321d5f31ce5bc6a4cbec72a965d272b3b77b"
},
{
"type": "WEB",
"url": "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/107770"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VF38-XJ6F-V939
Vulnerability from github – Published: 2022-02-17 00:00 – Updated: 2022-02-17 00:00Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2022-23189"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-02-16T17:15:00Z",
"severity": "MODERATE"
},
"details": "Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-vf38-xj6f-v939",
"modified": "2022-02-17T00:00:30Z",
"published": "2022-02-17T00:00:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23189"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/illustrator/apsb22-07.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-VF6V-52PQ-2H8V
Vulnerability from github – Published: 2024-03-25 12:30 – Updated: 2024-05-23 18:30In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Fix null deref accessing lag dev
It could be the lag dev is null so stop processing the event. In bond_enslave() the active/backup slave being set before setting the upper dev so first event is without an upper dev. After setting the upper dev with bond_master_upper_dev_link() there is a second event and in that event we have an upper dev.
{
"affected": [],
"aliases": [
"CVE-2021-47164"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-25T10:15:08Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix null deref accessing lag dev\n\nIt could be the lag dev is null so stop processing the event.\nIn bond_enslave() the active/backup slave being set before setting the\nupper dev so first event is without an upper dev.\nAfter setting the upper dev with bond_master_upper_dev_link() there is\na second event and in that event we have an upper dev.",
"id": "GHSA-vf6v-52pq-2h8v",
"modified": "2024-05-23T18:30:54Z",
"published": "2024-03-25T12:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47164"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2e4b0b95a489259f9d35a3db17023061f8f3d587"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/83026d83186bc48bb41ee4872f339b83f31dfc55"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bdfd3593a8248eea6ecfcbf7b47b56b86515672d"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VF77-8H7G-GGHP
Vulnerability from github – Published: 2022-02-08 22:05 – Updated: 2026-05-20 18:50An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 10.0.0-M5"
},
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "10.0.0-M1"
},
{
"fixed": "10.0.0-M6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "9.0.0.M5"
},
{
"fixed": "9.0.36"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "8.5.1"
},
{
"fixed": "8.5.56"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 10.0.0-M5"
},
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat-coyote"
},
"ranges": [
{
"events": [
{
"introduced": "10.0.0-M1"
},
{
"fixed": "10.0.0-M6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat-coyote"
},
"ranges": [
{
"events": [
{
"introduced": "9.0.0.M5"
},
{
"fixed": "9.0.36"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat-coyote"
},
"ranges": [
{
"events": [
{
"introduced": "8.5.1"
},
{
"fixed": "8.5.56"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-13934"
],
"database_specific": {
"cwe_ids": [
"CWE-119",
"CWE-476"
],
"github_reviewed": true,
"github_reviewed_at": "2021-04-12T18:34:04Z",
"nvd_published_at": "2020-07-14T15:15:00Z",
"severity": "HIGH"
},
"details": "An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service.",
"id": "GHSA-vf77-8h7g-gghp",
"modified": "2026-05-20T18:50:54Z",
"published": "2022-02-08T22:05:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13934"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/tomcat"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20200724-0003"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4596-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2020/dsa-4727"
},
{
"type": "WEB",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat"
}
GHSA-VF83-HV6J-P87W
Vulnerability from github – Published: 2025-06-26 21:31 – Updated: 2025-06-26 21:31vkoskiv c-ray 1.1 contains a Null Pointer Dereference (NPD) vulnerability in the parse_mtllib function of its data processing module, leading to unpredictable program behavior, causing segmentation faults, and program crashes.
{
"affected": [],
"aliases": [
"CVE-2025-45332"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-25T18:15:22Z",
"severity": "HIGH"
},
"details": "vkoskiv c-ray 1.1 contains a Null Pointer Dereference (NPD) vulnerability in the parse_mtllib function of its data processing module, leading to unpredictable program behavior, causing segmentation faults, and program crashes.",
"id": "GHSA-vf83-hv6j-p87w",
"modified": "2025-06-26T21:31:13Z",
"published": "2025-06-26T21:31:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-45332"
},
{
"type": "WEB",
"url": "https://github.com/vkoskiv/c-ray/issues/119"
},
{
"type": "WEB",
"url": "https://gist.github.com/QiuYitai/6ebfa07510828a9464ba7fb948255ed5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VF98-8XXX-FP8W
Vulnerability from github – Published: 2026-02-11 15:30 – Updated: 2026-02-12 18:30A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following version: QuTS hero h5.3.2.3354 build 20251225 and later
{
"affected": [],
"aliases": [
"CVE-2025-66274"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-11T13:15:58Z",
"severity": "LOW"
},
"details": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following version:\nQuTS hero h5.3.2.3354 build 20251225 and later",
"id": "GHSA-vf98-8xxx-fp8w",
"modified": "2026-02-12T18:30:21Z",
"published": "2026-02-11T15:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66274"
},
{
"type": "WEB",
"url": "https://www.qnap.com/en/security-advisory/qsa-26-08"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-VFC8-39C7-GMQ3
Vulnerability from github – Published: 2024-10-10 15:30 – Updated: 2024-10-10 15:30An attacker who successfully exploited these vulnerabilities could cause the robot to stop.
A vulnerability exists in the PROFINET stack included in the RobotWare versions listed below.
This vulnerability arises under specific condition when specially crafted message is processed by the system.
Below are reported vulnerabilities in the Robot Ware versions.
- IRC5- RobotWare 6 < 6.15.06 except 6.10.10, and 6.13.07
{
"affected": [],
"aliases": [
"CVE-2024-6157"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-10T13:15:14Z",
"severity": "MODERATE"
},
"details": "An attacker who successfully exploited these vulnerabilities could cause the robot to stop.\n\n\n\nA vulnerability exists in the PROFINET stack included in the RobotWare versions listed below.\u00a0\n\nThis vulnerability arises under specific condition when specially crafted message is processed by the system.\n\nBelow are reported vulnerabilities in the Robot Ware versions. \n\n* IRC5- RobotWare 6 \u003c 6.15.06 except 6.10.10, and 6.13.07",
"id": "GHSA-vfc8-39c7-gmq3",
"modified": "2024-10-10T15:30:41Z",
"published": "2024-10-10T15:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6157"
},
{
"type": "WEB",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=SI20337\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VFGJ-F4G9-XH2H
Vulnerability from github – Published: 2025-12-30 15:30 – Updated: 2026-02-26 21:31In the Linux kernel, the following vulnerability has been resolved:
driver core: fix potential null-ptr-deref in device_add()
I got the following null-ptr-deref report while doing fault injection test:
BUG: kernel NULL pointer dereference, address: 0000000000000058 CPU: 2 PID: 278 Comm: 37-i2c-ds2482 Tainted: G B W N 6.1.0-rc3+ RIP: 0010:klist_put+0x2d/0xd0 Call Trace: klist_remove+0xf1/0x1c0 device_release_driver_internal+0x196/0x210 bus_remove_device+0x1bd/0x240 device_add+0xd3d/0x1100 w1_add_master_device+0x476/0x490 [wire] ds2482_probe+0x303/0x3e0 [ds2482]
This is how it happened:
w1_alloc_dev() // The dev->driver is set to w1_master_driver. memcpy(&dev->dev, device, sizeof(struct device)); device_add() bus_add_device() dpm_sysfs_add() // It fails, calls bus_remove_device.
// error path
bus_remove_device()
// The dev->driver is not null, but driver is not bound.
__device_release_driver()
klist_remove(&dev->p->knode_driver) <-- It causes null-ptr-deref.
// normal path
bus_probe_device() // It's not called yet.
device_bind_driver()
If dev->driver is set, in the error path after calling bus_add_device() in device_add(), bus_remove_device() is called, then the device will be detached from driver. But device_bind_driver() is not called yet, so it causes null-ptr-deref while access the 'knode_driver'. To fix this, set dev->driver to null in the error path before calling bus_remove_device().
{
"affected": [],
"aliases": [
"CVE-2023-54321"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-30T13:16:21Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix potential null-ptr-deref in device_add()\n\nI got the following null-ptr-deref report while doing fault injection test:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000058\nCPU: 2 PID: 278 Comm: 37-i2c-ds2482 Tainted: G B W N 6.1.0-rc3+\nRIP: 0010:klist_put+0x2d/0xd0\nCall Trace:\n \u003cTASK\u003e\n klist_remove+0xf1/0x1c0\n device_release_driver_internal+0x196/0x210\n bus_remove_device+0x1bd/0x240\n device_add+0xd3d/0x1100\n w1_add_master_device+0x476/0x490 [wire]\n ds2482_probe+0x303/0x3e0 [ds2482]\n\nThis is how it happened:\n\nw1_alloc_dev()\n // The dev-\u003edriver is set to w1_master_driver.\n memcpy(\u0026dev-\u003edev, device, sizeof(struct device));\n device_add()\n bus_add_device()\n dpm_sysfs_add() // It fails, calls bus_remove_device.\n\n // error path\n bus_remove_device()\n // The dev-\u003edriver is not null, but driver is not bound.\n __device_release_driver()\n klist_remove(\u0026dev-\u003ep-\u003eknode_driver) \u003c-- It causes null-ptr-deref.\n\n // normal path\n bus_probe_device() // It\u0027s not called yet.\n device_bind_driver()\n\nIf dev-\u003edriver is set, in the error path after calling bus_add_device()\nin device_add(), bus_remove_device() is called, then the device will be\ndetached from driver. But device_bind_driver() is not called yet, so it\ncauses null-ptr-deref while access the \u0027knode_driver\u0027. To fix this, set\ndev-\u003edriver to null in the error path before calling bus_remove_device().",
"id": "GHSA-vfgj-f4g9-xh2h",
"modified": "2026-02-26T21:31:25Z",
"published": "2025-12-30T15:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-54321"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/17982304806c5c10924e73f7ca5556e0d7378452"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2c59650d078b1b3f1ea50d5f8ee9fcc537dc02d3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7cf515bf9e8c2908dc170ecf2df117162a16c9c5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/97aa8fb74bbe9aaf4ed5962a784f73b071bd16bf"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f6837f34a34973ef6600c08195ed300e24e97317"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VFGJ-VQJW-HH7G
Vulnerability from github – Published: 2023-10-13 21:30 – Updated: 2024-04-04 08:38A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. QES is not affected.
We have already fixed the vulnerability in the following versions: QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2453 build 20230708 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later
{
"affected": [],
"aliases": [
"CVE-2023-32970"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-13T20:15:09Z",
"severity": "MODERATE"
},
"details": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network.\nQES is not affected.\n\nWe have already fixed the vulnerability in the following versions:\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.0.2453 build 20230708 and later\nQuTS hero h4.5.4.2476 build 20230728 and later\nQuTScloud c5.1.0.2498 and later\nQTS 5.1.0.2444 build 20230629 and later\nQTS 4.5.4.2467 build 20230718 and later\n",
"id": "GHSA-vfgj-vqjw-hh7g",
"modified": "2024-04-04T08:38:20Z",
"published": "2023-10-13T21:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32970"
},
{
"type": "WEB",
"url": "https://www.qnap.com/en/security-advisory/qsa-23-41"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.