CWE-476: NULL Pointer Dereference — known CVE vulnerabilities
CVEs classified under CWE-476 (NULL Pointer Dereference), ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2022-36648 — CVSS 10.0 (critical): The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers…
CVE-2020-14500 — CVSS 10.0 (critical): Secomea GateManager all versions prior to 9.2c, An attacker can send a negative value and overwrite arbitrary data.
CVE-2010-2495 — CVSS 10.0 (critical): The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly…
CVE-2026-46195 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: smb: client: validate dacloffset before building DACL pointers…
CVE-2026-31657 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: batman-adv: hold claim backbone gateways by reference…
CVE-2026-31436 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descriptor completion in…
CVE-2024-55193 — CVSS 9.8 (critical): OpenImageIO v3.1.0.0dev was discovered to contain a segmentation violation via the component /OpenImageIO/string_view.h.
CVE-2024-40493 — CVSS 9.8 (critical): Null Pointer Dereference in `coap_client_exchange_blockwise2` function in Keith Cullen FreeCoAP 1.0 allows remote attackers to cause a…
CVE-2023-46427 — CVSS 9.8 (critical): An issue was discovered in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers to execute arbitrary code, cause a denial…
CVE-2023-47003 — CVSS 9.8 (critical): An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial of service via a crafted string in…
CVE-2021-4236 — CVSS 9.8 (critical): Web Sockets do not execute any AuthenticateMethod methods which may be set, leading to a nil pointer dereference if the returned UserData…
CVE-2022-36227 — CVSS 9.8 (critical): In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if…
CVE-2021-1946 — CVSS 9.8 (critical): Null Pointer Dereference may occur due to improper validation while processing crafted SDP body in Snapdragon Auto, Snapdragon Compute…
CVE-2021-28300 — CVSS 9.8 (critical): NULL Pointer Dereference in the "isomedia/track.c" module's "MergeTrack()" function of GPAC v0.5.2 allows attackers to execute arbitrary…
CVE-2020-35860 — CVSS 9.8 (critical): An issue was discovered in the cbox crate through 2020-03-19 for Rust. The CBox API allows dereferencing raw pointers without a requirement…
CVE-2020-11168 — CVSS 9.8 (critical): u'Null-pointer dereference can occur while accessing data buffer beyond its size that leads to access the buffer beyond its range' in…
CVE-2019-8572 — CVSS 9.8 (critical): A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1…
CVE-2019-20914 — CVSS 9.8 (critical): An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_d…
CVE-2020-1939 — CVSS 9.8 (critical): The Apache NuttX (Incubating) project provides an optional separate "apps" repository which contains various optional components and…
CVE-2020-5544 — CVSS 9.8 (critical): Null Pointer Dereference vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D…
CVE-2019-18190 — CVSS 9.8 (critical): Trend Micro Security (Consumer) 2020 (v16.x) is affected by a vulnerability in where null pointer dereference errors result in the crash of…
CVE-2019-10534 — CVSS 9.8 (critical): Null-pointer dereference can occur while accessing the super index entry when it is not been allocated in Snapdragon Auto, Snapdragon…
CVE-2019-17539 — CVSS 9.8 (critical): In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when…
CVE-2018-17893 — CVSS 9.8 (critical): LAquis SCADA Versions 4.1.0.3870 and prior has an untrusted pointer dereference vulnerability, which may allow remote code execution.
CVE-2018-14811 — CVSS 9.8 (critical): Fuji Electric V-Server 4.0.3.0 and prior, Multiple untrusted pointer dereference vulnerabilities have been identified, which may allow…
CVE-2018-16657 — CVSS 9.8 (critical): In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with an invalid Via header causes a segmentation fault and crashes…
CVE-2018-1000800 — CVSS 9.8 (critical): zephyr-rtos version 1.12.0 contains a NULL base pointer reference vulnerability in sys_ring_buf_put(), sys_ring_buf_get() that can result…
CVE-2018-16329 — CVSS 9.8 (critical): In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.
CVE-2018-16328 — CVSS 9.8 (critical): In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
CVE-2018-14562 — CVSS 9.8 (critical): An issue was discovered in libthulac.so in THULAC through 2018-02-25. A NULL pointer dereference can occur in the BasicModel class in…
CVE-2018-4987 — CVSS 9.8 (critical): Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Untrusted…
CVE-2018-7497 — CVSS 9.8 (critical): In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and…
CVE-2016-10496 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, SD 210/SD 212/SD 205, SD 410/12, SD…
CVE-2016-10489 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, lack of address argument validation in…
CVE-2016-10487 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2016-10449 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640…
CVE-2015-9221 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, SD 800, and SD 810, lack of validation…
CVE-2015-9215 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, and SD 810, improper…
CVE-2015-9200 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9650, SD 210/SD…
CVE-2015-9191 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M…
CVE-2015-9175 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9162 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808…
CVE-2015-9149 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9145 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9135 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9625, MDM9635M, MDM9640…