CWE-476

Medium likelihood

NULL Pointer Dereference

Parent: CWE-710 - Improper Adherence to Coding Standards

The product dereferences a pointer that it expects to be valid but is NULL.

5,323 vulnerabilities with CWE-476
CVE-2020-35495 MEDIUM
binutils < 2.34 - Denial of Service via Null Pointer Dereference in objdump
CVSS 5.5
CVE-2020-35860 CRITICAL
cbox < 0.3.0 - NULL Pointer Dereference
CVSS 9.8
CVE-2020-35907 MEDIUM
futures-task < 0.3.5 - NULL Pointer Dereference
CVSS 5.5
CVE-2020-35450 HIGH
Gobby 0.4.11 - NULL Pointer Dereference in D-Bus Handler
CVSS 7.5
CVE-2020-35680 HIGH
OpenSMTPD < 6.8.0p1 - Denial of Service via NULL Pointer Dereference in lka_filter.c
CVSS 7.5
CVE-2020-35668 HIGH
RedisGraph 2.0.0-2.2.11 - Denial of Service via Unquoted String Handling
CVSS 7.5
CVE-2020-29652 HIGH
golang.org/x/crypto/ssh <v0.0.0-20201203163018 - DoS
CVSS 7.5
CVE-2020-29484 MEDIUM
Xen < 4.14.0 - Denial of Service via Xenstore Watch Payload Length Overflow
CVSS 6.0
CVE-2020-29571 MEDIUM
Xen 4.4.0-4.14.x - Denial of Service via FIFO Event Channel NULL Pointer Dereference
CVSS 6.2
CVE-2020-28203 MEDIUM
Foxit Reader and PhantomPDF < 10.1.0.37527 - Denial of Service via Crafted PDF File
CVSS 5.5
CVE-2020-16599 MEDIUM
GNU Binutils 2.35 - Denial of Service via Crafted File in BFD Library
CVSS 5.5
CVE-2020-16593 MEDIUM
GNU Binutils 2.35 - Denial of Service via Crafted File in BFD Library
CVSS 5.5
CVE-2020-16588 MEDIUM
OpenEXR 2.3.0 - Denial of Service via Crafted EXR File
CVSS 5.5
CVE-2020-1971 MEDIUM
OpenSSL 1.0.2-1.0.2w and 1.1.1-1.1.1h - Denial of Service via EDIPARTYNAME NULL Pointer Dereference
CVSS 5.9
CVE-2020-25692 HIGH
OpenLDAP < 2.4.55 - Unauthenticated Denial of Service via RDN Renaming Request
CVSS 7.5
CVE-2020-25465 HIGH
Moddable SDK < os200908 - Denial of Service via Null Pointer Dereference in xObjectBindingFromExpression
CVSS 7.5
CVE-2020-26235 MEDIUM
time 0.2.7-0.2.22 - Use-After-Free in UtcOffset Local Offset Functions
CVSS 5.3
CVE-2020-15437 MEDIUM
Linux Kernel < 5.8 - Denial of Service via NULL Pointer Dereference in serial8250_isa_init_ports
CVSS 4.4
CVE-2020-11168 CRITICAL
Qualcomm Snapdragon - Null-Pointer Dereference in Data Buffer Access
CVSS 9.8
CVE-2020-28345 HIGH
LG Android 10 - Denial of Service via Wi-Fi Subsystem NULL Pointer Dereference
CVSS 7.5
CVE-2020-28344 HIGH
LG Android 8.0-10 - Denial of Service via NULL Pointer Dereference
CVSS 7.5
CVE-2020-26213 MEDIUM
teler < 0.0.1 - Denial of Service via Improper Process ID Handling
CVSS 5.9
CVE-2020-26521 HIGH
nats-server < 2.1.9 - Denial of Service via JWT Library Nil Dereference
CVSS 7.5
CVE-2020-5646 HIGH
GOT 1000 series - Memory Corruption
CVSS 7.5
CVE-2020-5655 HIGH
MELSEC iQ-R - NULL Pointer Dereference
CVSS 7.5
Details
Vulnerabilities 5,323
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits