CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
GHSA-WHRX-WP3H-V5MG
Vulnerability from github – Published: 2022-01-11 00:01 – Updated: 2022-01-15 00:03A NULL Pointer Dereference vulnerability exists in GNU inetutils 2.2 via the setcmd function at commands.c, which causes a denial of service.
{
"affected": [],
"aliases": [
"CVE-2021-46060"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-10T14:11:00Z",
"severity": "HIGH"
},
"details": "A NULL Pointer Dereference vulnerability exists in GNU inetutils 2.2 via the setcmd function at commands.c, which causes a denial of service.",
"id": "GHSA-whrx-wp3h-v5mg",
"modified": "2022-01-15T00:03:27Z",
"published": "2022-01-11T00:01:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46060"
},
{
"type": "WEB",
"url": "https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00017.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-WHX8-R54W-7GJM
Vulnerability from github – Published: 2025-08-26 12:30 – Updated: 2025-09-15 21:30A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4933 and later
{
"affected": [],
"aliases": [
"CVE-2025-29901"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-26T10:15:32Z",
"severity": "HIGH"
},
"details": "A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following version:\nFile Station 5 5.5.6.4933 and later",
"id": "GHSA-whx8-r54w-7gjm",
"modified": "2025-09-15T21:30:55Z",
"published": "2025-08-26T12:30:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29901"
},
{
"type": "WEB",
"url": "https://www.qnap.com/en/security-advisory/qsa-25-31"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-WJ52-RFJ4-XJCM
Vulnerability from github – Published: 2024-02-20 03:30 – Updated: 2025-01-21 21:30A null pointer dereference vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1 and USG FLEX series firmware versions from 4.50 through 5.37 Patch 1 could allow a LAN-based attacker to cause denial-of-service (DoS) conditions by downloading a crafted RAR compressed file onto a LAN-side host if the firewall has the “Anti-Malware” feature enabled.
{
"affected": [],
"aliases": [
"CVE-2023-6397"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-20T02:15:48Z",
"severity": "MODERATE"
},
"details": "\n\n\n\n\n\n\n\n\n\n\n\nA null pointer dereference vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1 and USG FLEX series firmware versions from 4.50 through 5.37 Patch 1 could allow a LAN-based attacker to cause denial-of-service (DoS) conditions by downloading a crafted RAR compressed file onto a LAN-side host if the firewall has the \u201cAnti-Malware\u201d feature enabled.\n\n\n\n",
"id": "GHSA-wj52-rfj4-xjcm",
"modified": "2025-01-21T21:30:43Z",
"published": "2024-02-20T03:30:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6397"
},
{
"type": "WEB",
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WJ6V-2JFM-GW75
Vulnerability from github – Published: 2022-05-14 00:55 – Updated: 2022-05-14 00:55In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.
{
"affected": [],
"aliases": [
"CVE-2018-16428"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-09-04T00:29:00Z",
"severity": "CRITICAL"
},
"details": "In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.",
"id": "GHSA-wj6v-2jfm-gw75",
"modified": "2022-05-14T00:55:17Z",
"published": "2022-05-14T00:55:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16428"
},
{
"type": "WEB",
"url": "https://gitlab.gnome.org/GNOME/glib/commit/fccef3cc822af74699cca84cd202719ae61ca3b9"
},
{
"type": "WEB",
"url": "https://gitlab.gnome.org/GNOME/glib/issues/1364"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3767-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3767-2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2020/02/14/3"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/105210"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WJ6X-HCC2-F32J
Vulnerability from github – Published: 2023-03-09 18:30 – Updated: 2023-09-20 17:41A vulnerability was identified in Consul and Consul Enterprise (“Consul”) an authenticated user with service:write permissions could trigger a workflow that causes Consul server and client agents to crash under certain circumstances. To exploit this vulnerability, an attacker requires access to an ACL token with service:write permissions, and there needs to be at least one running ingress or API gateway that is configured to route traffic to an upstream service.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/hashicorp/consul"
},
"ranges": [
{
"events": [
{
"introduced": "1.14.0"
},
{
"fixed": "1.14.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-0845"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": true,
"github_reviewed_at": "2023-03-16T16:04:18Z",
"nvd_published_at": "2023-03-09T16:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability was identified in Consul and Consul Enterprise (\u201cConsul\u201d) an authenticated user with service:write permissions could trigger a workflow that causes Consul server and client agents to crash under certain circumstances. To exploit this vulnerability, an attacker requires access to an ACL token with service:write permissions, and there needs to be at least one running ingress or API gateway that is configured to route traffic to an upstream service.",
"id": "GHSA-wj6x-hcc2-f32j",
"modified": "2023-09-20T17:41:13Z",
"published": "2023-03-09T18:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0845"
},
{
"type": "WEB",
"url": "https://discuss.hashicorp.com/t/hcsec-2023-06-consul-server-panic-when-ingress-and-api-gateways-configured-with-peering-connections/51197"
},
{
"type": "PACKAGE",
"url": "https://github.com/hashicorp/consul"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Consul Server Panic when Ingress and API Gateways Configured with Peering Connections"
}
GHSA-WJG2-C8G7-RJJR
Vulnerability from github – Published: 2024-05-21 18:31 – Updated: 2025-01-06 21:30In the Linux kernel, the following vulnerability has been resolved:
clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data
Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference.
{
"affected": [],
"aliases": [
"CVE-2023-52873"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-21T16:15:24Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"id": "GHSA-wjg2-c8g7-rjjr",
"modified": "2025-01-06T21:30:49Z",
"published": "2024-05-21T18:31:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52873"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1f57f78fbacf630430bf954e5a84caafdfea30c0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3994387ba3564976731179c4d4a6d7850ddda71a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a90239551abc181687f8c0ba60b276f7d75c141e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ca6d565a2319d69d9766e6ecbb5af827fc4afb2b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/df1c4a9efa3f5b6fb5e0ae63890230dbe2190b7e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f6a7c51cf07a399ec067d39f0a22f1817c5c7d2b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/fbe466f06d4ea18745da0d57540539b7b36936ae"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WJM3-MFFR-5QQG
Vulnerability from github – Published: 2022-05-24 16:55 – Updated: 2024-04-04 01:54MyHTML through 4.0.5 has a NULL pointer dereference in myhtml_tree_node_remove in tree.c.
{
"affected": [],
"aliases": [
"CVE-2019-16164"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-09-09T17:15:00Z",
"severity": "MODERATE"
},
"details": "MyHTML through 4.0.5 has a NULL pointer dereference in myhtml_tree_node_remove in tree.c.",
"id": "GHSA-wjm3-mffr-5qqg",
"modified": "2024-04-04T01:54:15Z",
"published": "2022-05-24T16:55:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16164"
},
{
"type": "WEB",
"url": "https://github.com/lexborisov/myhtml/issues/175"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WJW7-V5JQ-MG9C
Vulnerability from github – Published: 2025-07-02 15:30 – Updated: 2025-11-21 00:30In the Linux kernel, the following vulnerability has been resolved:
ksmbd: use list_first_entry_or_null for opinfo_get_list()
The list_first_entry() macro never returns NULL. If the list is empty then it returns an invalid pointer. Use list_first_entry_or_null() to check if the list is empty.
{
"affected": [],
"aliases": [
"CVE-2025-38092"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-02T15:15:26Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: use list_first_entry_or_null for opinfo_get_list()\n\nThe list_first_entry() macro never returns NULL. If the list is\nempty then it returns an invalid pointer. Use list_first_entry_or_null()\nto check if the list is empty.",
"id": "GHSA-wjw7-v5jq-mg9c",
"modified": "2025-11-21T00:30:19Z",
"published": "2025-07-02T15:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38092"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/10379171f346e6f61d30d9949500a8de4336444a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/334da674b25fdb7a1a4d4b89dcd7795144fc7e11"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c78abb646ff823e7d22faad4cc0703d4484da9e8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cb7e06e9736d73007dc8dab7b353733bb37df86b"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WJWQ-7FC3-76R7
Vulnerability from github – Published: 2022-05-17 02:58 – Updated: 2022-05-17 02:58An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "Thunderbolt" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
{
"affected": [],
"aliases": [
"CVE-2016-4780"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-02-20T08:59:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the \"Thunderbolt\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.",
"id": "GHSA-wjwq-7fc3-76r7",
"modified": "2022-05-17T02:58:03Z",
"published": "2022-05-17T02:58:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4780"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT207275"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WM3H-MJMP-3W9F
Vulnerability from github – Published: 2025-06-26 21:31 – Updated: 2025-06-30 21:30berkeley-abc abc 1.1 contains a Null Pointer Dereference (NPD) vulnerability in the Abc_NtkCecFraigPart function of its data processing module, leading to unpredictable program behavior, causing segmentation faults, and program crashes.
{
"affected": [],
"aliases": [
"CVE-2025-45333"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-25T20:15:23Z",
"severity": "HIGH"
},
"details": "berkeley-abc abc 1.1 contains a Null Pointer Dereference (NPD) vulnerability in the Abc_NtkCecFraigPart function of its data processing module, leading to unpredictable program behavior, causing segmentation faults, and program crashes.",
"id": "GHSA-wm3h-mjmp-3w9f",
"modified": "2025-06-30T21:30:30Z",
"published": "2025-06-26T21:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-45333"
},
{
"type": "WEB",
"url": "https://github.com/berkeley-abc/abc/pull/383"
},
{
"type": "WEB",
"url": "https://gist.github.com/QiuYitai/eb49750fe58e39ce685cfd87a41eacb9"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.