CWE-476

Medium likelihood

NULL Pointer Dereference

Parent: CWE-710 - Improper Adherence to Coding Standards

The product dereferences a pointer that it expects to be valid but is NULL.

5,328 vulnerabilities with CWE-476
CVE-2010-4342
Linux Kernel < 2.6.37 - Denial of Service via Econet AUN Packet Handling
CVE-2010-3849
Linux Kernel < 2.6.36.2 - Denial of Service via NULL Pointer Dereference in econet_sendmsg
CVE-2010-4346
Linux Kernel < 2.6.37 - NULL Pointer Dereference via mmap Security Bypass
CVE-2010-4576
Google Chrome < 8.0.552.224 and Chrome OS < 8.0.552.343 - Denial of Service via Crafted JavaScript Web Worker
CVE-2010-3702
CUPS < 1.3.11 - Denial of Service via Uninitialized Pointer Dereference in PDF Parser
CVE-2010-3437
Linux Kernel < 2.6.36-rc6 - Info Disclosure/DoS
CVE-2010-3079 MEDIUM
Linux Kernel < 2.6.35.5 - Denial of Service via lseek on set_ftrace_filter File
CVSS 5.5
CVE-2010-2960 HIGH
Linux Kernel < 2.6.35.4 - Denial of Service via KEYCTL_SESSION_TO_PARENT NULL Pointer Dereference
CVSS 7.8
CVE-2010-2798 HIGH
Linux Kernel < 2.6.35 - Denial of Service via GFS2 Directory Entry Renaming
CVSS 7.8
CVE-2010-2495
Linux Kernel < 2.6.34 - Denial of Service via L2TP Interface Validation
CVE-2010-3251
Google Chrome < 6.0.472.53 - Denial of Service via WebSockets NULL Pointer Dereference
CVE-2010-2954
Linux Kernel < 2.6.36-rc3-next-20100901 - DoS
CVE-2010-1321
MIT Kerberos 5 < 1.7.1 and 1.8 < 1.8.2 - Authenticated Denial of Service via Missing AP-REQ Authenticator Checksum
CVE-2010-1148
Linux Kernel < 2.6.33.2 - Denial of Service via NULL nameidata in POSIX File Creation
CVE-2010-0751
libnids < 1.24 - Denial of Service via Crafted Fragmented Packets
CVE-2010-1187
Linux Kernel 2.6.16-2.6.33 - Denial of Service via TIPC Datagram Handling
CVE-2010-0006
Linux Kernel < 2.6.32.4 - Denial of Service via IPv6 Jumbogram NULL Pointer Dereference
CVE-2009-4895 MEDIUM
Linux Kernel < 2.6.32.6 - Race Condition in tty_fasync
CVSS 4.7
CVE-2009-3547 HIGH
Linux Kernel < 2.6.32-rc6 - Race Condition in Pipe Handling via /proc/*/fd/ Pathname
CVSS 7.0
CVE-2009-3620 HIGH
Linux Kernel < 2.6.31-git11 - Denial of Service via ATI Rage 128 Driver ioctl Calls
CVSS 7.8
CVE-2009-2516 HIGH
Microsoft Windows - Privilege Escalation
CVSS 7.1
CVE-2009-3094
Apache HTTP Server 2.0.35-2.0.63 - Denial of Service via Malformed EPSV Reply
CVE-2009-2698 HIGH
Linux Kernel < 2.6.19 - Privilege Escalation
CVSS 7.8
CVE-2009-2768 HIGH
Linux Kernel < 2.6.31 - Denial of Service via Flat Binary Execution
CVSS 7.8
CVE-2009-2287
Linux Kernel 2.6.0-2.6.29 - Denial of Service via KVM_SET_SREGS cr3 Validation Bypass