Common Weakness Enumeration

CWE-822

Allowed

Untrusted Pointer Dereference

Abstraction: Base · Status: Incomplete

The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.

380 vulnerabilities reference this CWE, most recent first.

GHSA-98G3-X4RC-FJ4G

Vulnerability from github – Published: 2024-06-11 18:30 – Updated: 2025-10-22 00:33
VLAI
Details

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-35250"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-11T17:16:02Z",
    "severity": "HIGH"
  },
  "details": "Windows Kernel-Mode Driver Elevation of Privilege Vulnerability",
  "id": "GHSA-98g3-x4rc-fj4g",
  "modified": "2025-10-22T00:33:03Z",
  "published": "2024-06-11T18:30:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35250"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35250"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-35250"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9G9X-FC99-93R6

Vulnerability from github – Published: 2025-10-14 18:30 – Updated: 2025-11-17 21:31
VLAI
Details

Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax modem hardware dependent on this specific driver will no longer work on Windows. Microsoft recommends removing any existing dependencies on this hardware.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-24990"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-14T17:15:39Z",
    "severity": "HIGH"
  },
  "details": "Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems.  This is an announcement of the upcoming removal of ltmdm64.sys driver.  The driver has been removed in the October cumulative update.\nFax modem hardware dependent on this specific driver will no longer work on Windows.\nMicrosoft recommends removing any existing dependencies on this hardware.",
  "id": "GHSA-9g9x-fc99-93r6",
  "modified": "2025-11-17T21:31:19Z",
  "published": "2025-10-14T18:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24990"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24990"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24990"
    },
    {
      "type": "WEB",
      "url": "https://www.vicarius.io/vsociety/posts/cve-2025-24990-detection-script-elevation-of-privilege-vulnerability-in-agere-modem-driver-affecting-windows"
    },
    {
      "type": "WEB",
      "url": "https://www.vicarius.io/vsociety/posts/cve-2025-24990-mitigation-script-elevation-of-privilege-vulnerability-in-agere-modem-driver-affecting-windows"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9GWR-5P9W-WH2W

Vulnerability from github – Published: 2025-12-09 18:30 – Updated: 2025-12-09 18:30
VLAI
Details

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-62556"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-09T18:16:00Z",
    "severity": "HIGH"
  },
  "details": "Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.",
  "id": "GHSA-9gwr-5p9w-wh2w",
  "modified": "2025-12-09T18:30:46Z",
  "published": "2025-12-09T18:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62556"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62556"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9VPR-GW8R-CM26

Vulnerability from github – Published: 2025-07-08 18:31 – Updated: 2025-07-08 18:31
VLAI
Details

Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-49661"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-08T17:15:48Z",
    "severity": "HIGH"
  },
  "details": "Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.",
  "id": "GHSA-9vpr-gw8r-cm26",
  "modified": "2025-07-08T18:31:46Z",
  "published": "2025-07-08T18:31:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49661"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49661"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9W2R-P3QJ-G3GM

Vulnerability from github – Published: 2024-02-06 06:30 – Updated: 2024-02-06 06:30
VLAI
Details

Memory corruption while reading ACPI config through the user mode app.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-43532"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-763",
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-06T06:16:02Z",
    "severity": "HIGH"
  },
  "details": "Memory corruption while reading ACPI config through the user mode app.",
  "id": "GHSA-9w2r-p3qj-g3gm",
  "modified": "2024-02-06T06:30:32Z",
  "published": "2024-02-06T06:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43532"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9X4C-46P7-5G2P

Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30
VLAI
Details

Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19879.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-34311"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-03T02:15:32Z",
    "severity": "HIGH"
  },
  "details": "Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19879.",
  "id": "GHSA-9x4c-46p7-5g2p",
  "modified": "2024-05-03T03:30:52Z",
  "published": "2024-05-03T03:30:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34311"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-871"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9XC5-8CGR-5WJF

Vulnerability from github – Published: 2026-04-14 18:30 – Updated: 2026-04-14 18:30
VLAI
Details

Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-33120"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-14T18:17:34Z",
    "severity": "HIGH"
  },
  "details": "Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network.",
  "id": "GHSA-9xc5-8cgr-5wjf",
  "modified": "2026-04-14T18:30:43Z",
  "published": "2026-04-14T18:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33120"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33120"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C76F-4G6W-3FF9

Vulnerability from github – Published: 2024-05-15 15:30 – Updated: 2024-07-03 18:41
VLAI
Details

A memory corruption vulnerability in SdHost and SdMmcDevice in Insyde InsydeH2O kernel 5.2 before 05.29.09, kernel 5.3 before 05.38.09, kernel 5.4 before 05.46.09, kernel 5.5 before 05.54.09, and kernel 5.6 before 05.61.09 could lead to escalating privileges in SMM.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-27353"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-15T15:15:08Z",
    "severity": "HIGH"
  },
  "details": "A memory corruption vulnerability in SdHost and SdMmcDevice in Insyde InsydeH2O kernel 5.2 before 05.29.09, kernel 5.3 before 05.38.09, kernel 5.4 before 05.46.09, kernel 5.5 before 05.54.09, and kernel 5.6 before 05.61.09 could lead to escalating privileges in SMM.",
  "id": "GHSA-c76f-4g6w-3ff9",
  "modified": "2024-07-03T18:41:57Z",
  "published": "2024-05-15T15:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27353"
    },
    {
      "type": "WEB",
      "url": "https://www.insyde.com/security-pledge"
    },
    {
      "type": "WEB",
      "url": "https://www.insyde.com/security-pledge/SA-2024001"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CH5V-R2G3-8G6X

Vulnerability from github – Published: 2026-07-14 21:32 – Updated: 2026-07-14 21:32
VLAI
Details

Bridge is affected by an Untrusted Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-48340"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-14T21:16:59Z",
    "severity": "HIGH"
  },
  "details": "Bridge is affected by an Untrusted Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
  "id": "GHSA-ch5v-r2g3-8g6x",
  "modified": "2026-07-14T21:32:24Z",
  "published": "2026-07-14T21:32:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48340"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/bridge/apsb26-81.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CPC5-3X63-52VQ

Vulnerability from github – Published: 2024-01-10 00:30 – Updated: 2024-01-12 21:30
VLAI
Details

AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference by a local network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-34332"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-09T23:15:07Z",
    "severity": "HIGH"
  },
  "details": "\n\n\n\n\n\n\n\n\n\n\nAMI\u2019s SPx contains\na vulnerability in the BMC where an Attacker\nmay cause an untrusted pointer to dereference by a local network. A successful\nexploitation of this vulnerability may lead to a loss of confidentiality,\nintegrity, and/or availability. \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n",
  "id": "GHSA-cpc5-3x63-52vq",
  "modified": "2024-01-12T21:30:19Z",
  "published": "2024-01-10T00:30:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34332"
    },
    {
      "type": "WEB",
      "url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

CAPEC-129: Pointer Manipulation

This attack pattern involves an adversary manipulating a pointer within a target application resulting in the application accessing an unintended memory location. This can result in the crashing of the application or, for certain pointer values, access to data that would not normally be possible or the execution of arbitrary code. Since pointers are simply integer variables, Integer Attacks may often be used in Pointer Attacks.