CWE-476

Medium likelihood

NULL Pointer Dereference

Parent: CWE-710 - Improper Adherence to Coding Standards

The product dereferences a pointer that it expects to be valid but is NULL.

5,323 vulnerabilities with CWE-476
CVE-2020-24385 MEDIUM
MidnightBSD <1.2.6-1.3 - Use After Free
CVSS 5.5
CVE-2020-3517 HIGH
Cisco NX-OS and FXOS - Denial of Service via Malicious Cisco Fabric Services Messages
CVSS 8.6
CVE-2020-14500 CRITICAL
Secomea GateManager <9.2c - Buffer Overflow
CVSS 10.0
CVE-2020-7711 HIGH
goxmldsig - Denial of Service via Malformed XML Signature
CVSS 7.5
CVE-2020-14356 HIGH
Linux Kernel < 5.7.10 - Null Pointer Dereference in cgroupv2 Subsystem
CVSS 7.8
CVE-2020-24369 HIGH
Lua 5.4.0 - NULL Pointer Dereference in ldebug.c Line Hook
CVSS 7.5
CVE-2020-16307 MEDIUM
GhostScript 9.50 - Denial of Service via Null Pointer Dereference in PostScript File Parsing
CVSS 5.5
CVE-2020-16306 MEDIUM
GhostScript < 9.51 - Denial of Service via Crafted PostScript File
CVSS 5.5
CVE-2020-16295 MEDIUM
Ghostscript < 9.52 - Denial of Service via clj_media_size() Null Pointer Dereference
CVSS 5.5
CVE-2020-16293 MEDIUM
Ghostscript < 9.51 - Denial of Service via Crafted PDF File
CVSS 5.5
CVE-2020-16135 MEDIUM
libssh 0.9.4 - Denial of Service via NULL Pointer Dereference in tftpserver.c
CVSS 5.9
CVE-2020-5762 HIGH
Grandstream HT800 Series < 1.0.17.5 - DoS via TR-069 HTTP Auth Mishandling
CVSS 7.5
CVE-2020-16118 HIGH
GNOME Balsa < 2.6.0 - Denial of Service via IMAP PREAUTH Response
CVSS 7.5
CVE-2020-16117 MEDIUM
GNOME evolution-data-server < 3.35.91 - Denial of Service via Invalid CAPABILITY Line
CVSS 5.9
CVE-2020-12845 HIGH
Cherokee 0.4.27-1.2.104 - Unauthenticated Denial of Service via Malformed Authorization Header
CVSS 7.5
CVE-2020-10602 MEDIUM
OSIsoft PI System - DoS
CVSS 5.3
CVE-2020-10600 MEDIUM
PI Archive Subsystem <2018 SP2 - DoS
CVSS 5.9
CVE-2020-3481 HIGH
ClamAV 0.102.0-0.102.3 - Unauthenticated Denial of Service via EGG Archive Parsing
CVSS 7.5
CVE-2020-15807 MEDIUM
GNU LibreDWG < 0.11 - NULL Pointer Dereference via Crafted Input Files
CVSS 6.5
CVE-2020-13934 HIGH
Apache Tomcat 8.5.1-8.5.56, 9.0.0.M5-9.0.36, 10.0.0-M1-10.0.0-M6 - Denial of Service via h2c Direct Connection
CVSS 7.5
CVE-2020-15689 HIGH
Appweb < 7.2.2 and 8.x < 8.1.0 - Denial of Service via Range Header Handling
CVSS 7.5
CVE-2020-10730 MEDIUM
Samba <4.10.17-4.12.4 - Memory Corruption
CVSS 6.5
CVE-2020-5597 HIGH
Mitsubishi Electric GOT2000 - Memory Corruption
CVSS 7.5
CVE-2020-15469 LOW
QEMU 4.2.0 - Denial of Service via NULL Pointer Dereference in MemoryRegionOps
CVSS 2.3
CVE-2020-15304 MEDIUM
OpenEXR < 2.5.2 - NULL Pointer Dereference in TiledInputFile Constructor
CVSS 5.5
Details
Vulnerabilities 5,323
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits