Skip to main content

Null Pointer Dereference

memory MEDIUM

A null pointer dereference occurs when a program attempts to access memory through a pointer that has been set to NULL (address 0x0).

How It Works

A null pointer dereference occurs when a program attempts to access memory through a pointer that has been set to NULL (address 0x0). In normal operation, pointers should reference valid memory locations before use. When a pointer is NULL—either uninitialized, explicitly set to NULL, or returned as NULL from a failed allocation—and the program tries to read from, write to, or execute code at that address, the operating system intervenes. On modern systems, accessing address zero triggers a segmentation fault that immediately terminates the process.

Attackers exploit this by manipulating program logic to force null pointer conditions. Common techniques include triggering allocation failures in low-memory conditions, providing malformed input that bypasses initialization checks, or exploiting race conditions where a pointer is checked for NULL but becomes NULL before use. The attacker identifies code paths where null checks are missing or inadequate, then crafts inputs to reach those vulnerable states.

On legacy systems without memory protection, attackers could map their own code at address zero, converting a crash into arbitrary code execution. Modern operating systems prevent this through mmap_min_addr restrictions that prohibit mapping memory below a threshold (typically 64KB). This mitigation has largely relegated null pointer dereferences to denial-of-service attacks rather than remote code execution vectors.

Impact

  • Service disruption: Immediate process crash, taking down the vulnerable application or daemon
  • Availability attacks: Repeated crashes forcing system restarts or service downtime
  • Limited code execution: On unpatched legacy systems (pre-2009 Linux kernels, older embedded devices) where address zero mapping is possible
  • Privilege escalation: In kernel-mode drivers where null dereferences can be exploited to execute attacker code with system privileges

Real-World Examples

The Linux kernel suffered from CVE-2009-2908, where null pointer dereferences in various subsystems could be exploited on systems allowing mmap at address zero. Attackers could map malicious code at NULL and trigger kernel null dereferences to achieve privilege escalation. This prompted the introduction of mmap_min_addr protections.

Microsoft Windows drivers have been frequent targets, including CVE-2020-17087 in the Windows kernel cryptography driver. Attackers triggered null pointer dereferences in kernel mode, which on older Windows versions could be exploited for local privilege escalation by controlling the null page.

Web browsers have experienced denial-of-service through null dereferences when parsing malformed content. Firefox CVE-2019-11707 involved a null pointer dereference in the IonMonkey JIT compiler, allowing attackers to crash the browser with specially crafted JavaScript, though not achieve code execution due to modern protections.

Mitigation

  • Explicit null checks: Validate all pointers before dereferencing, especially after allocation or function calls that may return NULL
  • Static analysis tools: Deploy analyzers like Coverity, Clang Static Analyzer, or PVS-Studio to detect missing null checks during development
  • Address space layout: Enable mmap_min_addr kernel protection (standard on modern Linux, typically 65536 bytes)
  • Fuzzing: Use AFL, libFuzzer, or similar tools to stress-test error handling paths and allocation failures
  • Safe coding practices: Initialize pointers to NULL, use smart pointers in C++, adopt languages with built-in null safety
  • Runtime bounds checking: Enable AddressSanitizer during testing to catch null dereferences immediately

Recent CVEs (4134)

EPSS 13% CVSS 7.5
HIGH POC THREAT This Week

In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service 750 823 Firmware +27
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI program on affected installations. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Trend Micro +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Null pointer dereference can occur due to lack of null check for user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Qualcomm Denial Of Service +122
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Null pointer dereference can occur due to memory allocation failure in DIAG in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Qualcomm Denial Of Service +84
NVD
EPSS 2% CVSS 6.1
MEDIUM This Month

XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer dereference vulnerability that could result in leaking data from certain memory locations and causing a local denial of service. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Xmp Toolkit Software Development Kit +1
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Unexpected Pointer Aliasing in IEEE 802154 Fragment Reassembly in Zephyr. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Zephyr
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Samba +4
NVD GitHub
EPSS 0% CVSS 4.4
MEDIUM This Month

A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Buffer Overflow Denial Of Service +1
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Zephyr
NVD GitHub
EPSS 25% CVSS 7.5
HIGH PATCH This Week

While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Http Server +3
NVD
EPSS 2% CVSS 5.5
MEDIUM This Month

Acrobat Pro DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe +4
NVD
EPSS 2% CVSS 5.5
MEDIUM This Month

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe +4
NVD
EPSS 2% CVSS 5.5
MEDIUM This Month

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe +4
NVD
EPSS 2% CVSS 5.5
MEDIUM This Month

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe +4
NVD
EPSS 2% CVSS 5.5
MEDIUM This Month

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe +4
NVD
EPSS 2% CVSS 5.5
MEDIUM This Month

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe +4
NVD
EPSS 2% CVSS 5.5
MEDIUM This Month

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe +4
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Null pointer dereference in SuiteLink server while processing command 0x0b. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Suitelink
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Null pointer dereference in SuiteLink server while processing commands 0x04/0x0a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Suitelink
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Null pointer dereference in SuiteLink server while processing command 0x07. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Suitelink
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Null pointer dereference in SuiteLink server while processing commands 0x03/0x10. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Suitelink
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

Other An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in swftools through 20200710. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Swftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in sela through 20200412. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Sela
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in sela through 20200412. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Sela
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in sela through 20200412. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Sela
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in sela through 20200412. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Sela
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in pdftools through 20200714. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Pdftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in pdftools through 20200714. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Pdftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in pdftools through 20200714. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Pdftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in pdftools through 20200714. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Pdftools
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in pdftools through 20200714. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Pdftools
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libxsmm through v1.16.1-93. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libxsmm
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libslax through v0.22.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libslax
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libredwg through v0.10.1.3751. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libredwg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libredwg through v0.10.1.3751. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libredwg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libjpeg
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in heif through through v3.6.2. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Heif
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in gravity through 0.8.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Gravity
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC This Week

An issue was discovered in gravity through 0.8.1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Gravity
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in gravity through 0.8.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Gravity
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in gravity through 0.8.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Gravity
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

An issue was discovered in fig2dev before 3.2.8.. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Fig2Dev +1
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in faad2 through 2.10.0. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Faad2 +1
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in faust through v2.30.5. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Faust
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in gpac through 20200801. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Gpac
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in gpac through 20200801. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Gpac
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Null pointer dereference occurs due to improper validation when the preemption feature enablement is toggled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Null Pointer Dereference Qualcomm Denial Of Service +108
NVD
EPSS 65% CVSS 7.5
HIGH PATCH This Week

Malformed requests may cause the server to dereference a NULL pointer.4.48 and earlier. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Apache Denial Of Service +17
NVD
EPSS 3% CVSS 7.5
HIGH This Week

SAP CommonCryptoLib version 8.5.38 or lower is vulnerable to null pointer dereference vulnerability when an unauthenticated attacker sends crafted malicious data in the HTTP requests over the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service SAP +1
NVD
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

The gf_isom_vp_config_get function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Gpac
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

The DumpTrackInfo function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Gpac
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

The trak_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Gpac
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

The abst_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Gpac
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

The gf_odf_desc_copy function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Gpac
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

NULL pointer dereference vulnerability in NPU driver prior to SMR Sep-2021 Release 1 allows attackers to cause memory corruption. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Buffer Overflow Denial Of Service +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

NULL pointer dereference vulnerability in ION driver prior to SMR Sep-2021 Release 1 allows attackers to cause memory corruption. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Buffer Overflow Denial Of Service +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Potential null pointer dereference in KGSL GPU auxiliary command due to improper validation of user input in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Null Pointer Dereference Qualcomm Denial Of Service +41
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Null Pointer Dereference may occur due to improper validation while processing crafted SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Qualcomm Denial Of Service +98
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Qualcomm Denial Of Service +176
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Apple Denial Of Service +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A null pointer dereference was addressed with improved input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Apple Denial Of Service +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Ntfs 3G +3
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Null Pointer Dereference Modicon M340 Bmxp341000 +48
NVD VulDB
EPSS 1% CVSS 5.5
MEDIUM This Month

Adobe After Effects version 18.2 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe +1
NVD
Prev Page 33 of 46 Next

Quick Facts

Typical Severity
MEDIUM
Category
memory
Total CVEs
4134

Related CWEs

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy