CWE-476

Medium likelihood

NULL Pointer Dereference

Parent: CWE-710 - Improper Adherence to Coding Standards

The product dereferences a pointer that it expects to be valid but is NULL.

5,271 vulnerabilities with CWE-476
CVE-2025-30266 MEDIUM
Qsync Central 5.0.0.0-5.0.0.3 - Authenticated Denial of Service via NULL Pointer Dereference
CVSS 6.5
CVE-2025-20080 MEDIUM
Intel(R) AMT/Standard Manageability - DoS
CVSS 6.8
CVE-2025-15571 LOW
ckolivas lrzip <0.651 - Null Pointer Dereference
CVSS 3.3
CVE-2025-68699 MEDIUM
NanoMQ 0.24.6 - Denial of Service via Malformed Shared Subscription Topic
CVSS 6.5
CVE-2025-71184 MEDIUM
Linux Kernel - NULL Pointer Dereference in btrfs_evict_inode
CVSS 5.5
CVE-2025-63655 HIGH
monkey < 1.8.5 - Denial of Service via mk_http_range_parse NULL Pointer Dereference
CVSS 7.5
CVE-2025-71004 MEDIUM
OneFlow v0.9.0 - Denial of Service via Segmentation Violation in Logical Or Component
CVSS 6.5
CVE-2025-33237 MEDIUM
NVIDIA HD Audio Driver - Use After Free
CVSS 5.5
CVE-2025-69421 HIGH
OpenSSL 1.0.2-1.0.2z, 1.1.1-1.1.1zd, 3.0.0-3.0.18, 3.3.0-3.3.5, 3.4.0-3.4.3, 3.5.0-3.5.4, 3.6.0 - DoS via PKCS#12
CVSS 7.5
CVE-2025-15468 MEDIUM
OpenSSL 3.3.0-3.3.6 - Denial of Service via NULL Pointer Dereference in SSL_CIPHER_find()
CVSS 5.9
CVE-2025-11187 MEDIUM
OpenSSL 3.4.0-3.4.3, 3.5.0-3.5.4, 3.6.0 - Stack-based Buffer Overflow in PKCS#12 PBMAC1 MAC Verification
CVSS 6.1
CVE-2025-66720 HIGH
free5gc pcf <1.4.0 - Memory Corruption
CVSS 7.5
CVE-2025-68141 HIGH
EVerest < 2025.10.0 - Denial of Service via DC_ChargeLoopRes Message Deserialization
CVSS 7.4
CVE-2025-63648 HIGH
owntone_server < 29.0 - Denial of Service via DACP Request
CVSS 7.5
CVE-2025-63647 HIGH
owntone-server <commit 334beb - DoS
CVSS 7.5
CVE-2025-57156 HIGH
owntone_server < 28.12 - Denial of Service via dacp_reply_playqueueedit_clear NULL Pointer Dereference
CVSS 7.5
CVE-2025-57155 HIGH
owntone_server < 28.2 - Denial of Service via NULL Pointer Dereference in daap_reply_groups
CVSS 7.5
CVE-2025-15535 LOW
nicbarker clay <0.14 - Null Pointer Dereference
CVSS 3.3
CVE-2025-60007 MEDIUM
Junos OS DoS via 'show chassis' Command (Multiple Versions)
CVSS 5.5
CVE-2025-9014 HIGH
TP-Link TL-WR841N v14 < 250908 - Unauthenticated Denial of Service via Referer Header Check
CVSS 7.5
CVE-2025-71138 MEDIUM
Linux Kernel 5.19-6.6.119, 6.7-6.12.63, 6.13-6.18.3 - NULL Pointer Dereference in dpu_encoder_phys_wb_setup_ctl
CVSS 5.5
CVE-2025-71135 MEDIUM
Linux Kernel - Null Pointer Dereference in raid5_store_group_thread_cnt
CVSS 5.5
CVE-2025-71130 MEDIUM
Linux Kernel 5.16.0-6.1.160, 6.2.0-6.6.120, 6.7.0-6.12.64, 6.13.0-6.18.4 - NULL Pointer Dereference in DRM i915 GEM
CVSS 5.5
CVE-2025-71125 MEDIUM
Linux Kernel - NULL Pointer Dereference in Synthetic Event Perf Registration
CVSS 5.5
CVE-2025-71124 MEDIUM
Linux Kernel 6.13-6.18.2 - NULL Pointer Dereference in DRM MSM A6XX Preempt Postamble
CVSS 5.5
Details
Vulnerabilities 5,271
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits