CWE-476

Medium likelihood

NULL Pointer Dereference

Parent: CWE-710 - Improper Adherence to Coding Standards

The product dereferences a pointer that it expects to be valid but is NULL.

5,280 vulnerabilities with CWE-476
CVE-2025-37755 MEDIUM
Linux Kernel 6.3-6.6.87, 6.7-6.12.23, 6.13-6.13.11, 6.14-6.14.2 - NULL Pointer Dereference in page_pool_dev_alloc_pages
CVSS 5.5
CVE-2025-37748 MEDIUM
Linux Kernel - NULL Pointer Dereference in mtk_iommu_device_group
CVSS 5.5
CVE-2025-23148 MEDIUM
Linux Kernel - NULL Pointer Dereference in exynos-chipid Probe
CVSS 5.5
CVE-2025-23147 MEDIUM
Linux Kernel - NULL Pointer Dereference in i3c_master_queue_ibi()
CVSS 5.5
CVE-2025-23146 MEDIUM
Linux Kernel - NULL Pointer Dereference in ene-kb3930 Probe Function
CVSS 5.5
CVE-2025-23145 MEDIUM
Linux Kernel 5.9-6.14.2 MPTCP Subflow NULL Pointer Dereference
CVSS 5.5
CVE-2025-23143 MEDIUM
Linux Kernel - Null Pointer Dereference via LOCKDEP Context Check
CVSS 5.5
CVE-2025-31202 MEDIUM
iPadOS < 18.4 - Denial of Service via Null Pointer Dereference
CVSS 5.5
CVE-2025-24251 MEDIUM
Apple iPadOS < 17.7.6 - Denial of Service via NULL Pointer Dereference
CVSS 6.5
CVE-2025-24179 MEDIUM
iPadOS < 17.7.6 - Denial of Service via Null Pointer Dereference
CVSS 5.7
CVE-2025-4003 MEDIUM
RefindPlusRepo RefindPlus <0.14.2.AB - Null Pointer Dereference
CVSS 5.5
CVE-2025-4002 MEDIUM
RefindPlusRepo RefindPlus 0.14.2.AB - Null Pointer Dereference
CVSS 5.5
CVE-2025-46400 MEDIUM
fig2dev - Denial of Service via read_arcobject Function
CVSS 5.5
CVE-2025-46399 MEDIUM
fig2dev - Denial of Service via genge_itp_spline Function
CVSS 5.5
CVE-2025-32818 HIGH
SonicOS 7.1.1-7040-7.1.3-7015 and 8.0.0-8037 - Unauthenticated Denial of Service via SSLVPN Virtual Office Interface
CVSS 7.5
CVE-2025-29547 HIGH
Rollback Rx Professional 12.8.0.0 - Denial of Service via shieldm.sys IOCtl 0x96202000
CVSS 7.0
CVE-2025-43967 LOW
libheif < 1.19.6 - NULL Pointer Dereference in ImageItem_Grid::get_decoder
CVSS 2.9
CVE-2025-43966 LOW
libheif < 1.19.6 - NULL Pointer Dereference in ImageItem_iden
CVSS 2.9
CVE-2025-39755 MEDIUM
Linux Kernel 6.13-6.13.10, 6.14-6.14.1, and 6.15 - NULL Pointer Dereference in PCMCIA Driver Registration
CVSS 5.5
CVE-2025-38240 MEDIUM
Linux kernel - Null Pointer Dereference
CVSS 5.5
CVE-2025-38152 MEDIUM
Linux Kernel 5.13-6.14.1 - NULL Pointer Dereference in Remote Processor Resource Table Handling
CVSS 5.5
CVE-2025-38049 MEDIUM
Linux Kernel 6.9-6.12.22, 6.13.0-6.13.10, 6.14.0-6.14.1 - NULL Pointer Dereference in resctrl CLOSID Allocation
CVSS 5.5
CVE-2025-37860 MEDIUM
Linux Kernel 6.0-6.14.1 - NULL Pointer Dereference in ef100_process_design_param
CVSS 5.5
CVE-2025-32787 LOW
SoftEtherVPN <5.02.5187 - Memory Corruption
CVSS 3.1
CVE-2025-23137 MEDIUM
Linux Kernel 6.11-6.14.2 - NULL Pointer Dereference in amd_pstate_update
CVSS 5.5
Details
Vulnerabilities 5,280
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits