CWE-476

Medium likelihood

NULL Pointer Dereference

Parent: CWE-710 - Improper Adherence to Coding Standards

The product dereferences a pointer that it expects to be valid but is NULL.

5,332 vulnerabilities with CWE-476
CVE-2009-3094
Apache HTTP Server 2.0.35-2.0.63 - Denial of Service via Malformed EPSV Reply
CVE-2009-2698 HIGH
Linux Kernel <2.6.19 - Privilege Escalation
CVSS 7.8
CVE-2009-2768 HIGH
Linux Kernel < 2.6.31 - Denial of Service via Flat Binary Execution
CVSS 7.8
CVE-2009-2287
Linux Kernel 2.6.0-2.6.29 - Denial of Service via KVM_SET_SREGS cr3 Validation Bypass
CVE-2009-1387
OpenSSL < 0.9.8m - Denial of Service via DTLS Handshake Fragment Bug
CVE-2009-1386
OpenSSL < 0.9.8i - Denial of Service via DTLS ChangeCipherSpec Packet
CVE-2009-1902
ModSecurity < 2.5.9 - Denial of Service via Multipart Form Data Request
CVE-2008-5183 HIGH
CUPS < 1.3.9 - Denial of Service via RSS Subscription NULL Pointer Dereference
CVSS 7.5
CVE-2008-3597 HIGH
Skulltag < 0.97d2-RC6 - Denial of Service via Command 29 Packet
CVSS 7.5
CVE-2008-2812 HIGH
Linux Kernel < 2.6.25.10 - Denial of Service via NULL Pointer Dereference in TTY Operations
CVSS 7.8
CVE-2008-1672
OpenSSL 0.9.8f and 0.9.8g - Denial of Service via NULL Pointer Dereference
CVE-2007-0039
Microsoft Exchange Server 2000 SP3, 2003 SP1-SP2, 2007 - Denial of Service via iCal MODPROPS Property Handling
CVE-2007-1327
silc-server 1.0.2 - Denial of Service via Invalid HMAC Algorithm in SILC_SERVER_CMD_FUNC
CVE-2007-0887
Axigen Mail Server 1.2.6-2.0.0b1 - Denial of Service via Malformed IMAP Login Credentials
CVE-2007-0342 HIGH
Apple Safari - Denial of Service via TD ROWSPAN Attribute
CVSS 7.5
CVE-2006-6565
FileZilla Server < 0.9.22 - Denial of Service via Wildcard LIST/NLST Command
CVE-2006-4343
OpenSSL 0.9.7-0.9.7k and 0.9.8-0.9.8c - Denial of Service via Null Pointer Dereference in SSLv2 Client
CVE-2006-2661
Freetype < 2.2 - Denial of Service via Crafted Font File
CVE-2005-3274 MEDIUM
Linux Kernel 2.4.0-2.4.31 and 2.6 < 2.6.13 - Denial of Service via Race Condition in ip_vs_conn_flush
CVSS 4.7
CVE-2005-2459
Linux Kernel < 2.6.12.5 - Denial of Service via zlib huft_build Null Pointer Dereference
CVE-2005-0772 HIGH
VERITAS Backup Exec 9.0-10.0 and 9.0.4019-9.1.307 - Denial of Service via NDMLSRVR.DLL Packet Handling
CVSS 7.5
CVE-2004-0079 HIGH
Cisco Firewall Services Module - NULL Pointer Dereference
CVSS 7.5
CVE-2004-0458 HIGH
mah-jong - Denial of Service via Missing Argument
CVSS 7.5
CVE-2004-0119 HIGH
Windows 2000, Windows XP, and Windows Server 2003 - Remote Code Execution via Crafted SPNEGO NegTokenInit Request
CVSS 7.5
CVE-2004-0389 HIGH
RealNetworks Helix Universal Server <9.0.3 - DoS
CVSS 7.5
Details
Vulnerabilities 5,332
Exploit Likelihood Medium