CWE-476— NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.— MITRE CWE catalog
4,937 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-476page 26 of 99
- CVE-2021-38785HIGHCVSS 7.5EG 7.52022-01-18
There is a NULL pointer deference in the Allwinner R818 SoC Android Q SDK V1.0 camera driver /dev/cedar_dev that could use the ioctl cmd IOCTL_GET_IOMMU_ADDR to cause a system crash.
- CVE-2021-38786HIGHCVSS 7.5EG 7.52022-01-19
There is a NULL pointer dereference in media/libcedarc/vdecoder of Allwinner R818 SoC Android Q SDK V1.0, which could cause a media crash (denial of service).
- CVE-2021-39251HIGHCVSS 7.8EG 7.82021-09-07
A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22.
- CVE-2021-39515MEDIUMCVSS 6.5EG 6.52021-09-20
An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function SampleInterleavedLSScan::ParseMCU() located in sampleinterleavedlsscan.cpp. It allows an attacker to cause Denial of Service.
- CVE-2021-39516MEDIUMCVSS 6.5EG 6.52021-09-20
An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function HuffmanDecoder::Get() located in huffmandecoder.hpp. It allows an attacker to cause Denial of Service.
- CVE-2021-39517MEDIUMCVSS 6.5EG 6.52021-09-20
An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::ReconstructUnsampled() located in blockbitmaprequester.cpp. It allows an attacker to cause Denial of Service.
- CVE-2021-39519MEDIUMCVSS 6.5EG 6.52021-09-20
An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PullQData() located in blockbitmaprequester.cpp It allows an attacker to cause Denial of Service.
- CVE-2021-39520MEDIUMCVSS 6.5EG 6.52021-09-20
An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PushReconstructedData() located in blockbitmaprequester.cpp. It allows an attacker to cause Denial of Service.
- CVE-2021-39521MEDIUMCVSS 6.5EG 6.52021-09-20
An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function bit_read_BB() located in bits.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39523MEDIUMCVSS 6.5EG 6.52021-09-20
An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function check_POLYLINE_handles() located in decode.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39532MEDIUMCVSS 6.5EG 6.52021-09-20
An issue was discovered in libslax through v0.22.1. A NULL pointer dereference exists in the function slaxLexer() located in slaxlexer.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39535MEDIUMCVSS 6.5EG 6.52021-09-20
An issue was discovered in libxsmm through v1.16.1-93. A NULL pointer dereference exists in JIT code. It allows an attacker to cause Denial of Service.
- CVE-2021-39538MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in pdftools through 20200714. A NULL pointer dereference exists in the function node::ObjNode::Value() located in objnode.cpp. It allows an attacker to cause Denial of Service.
- CVE-2021-39539MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in pdftools through 20200714. A NULL pointer dereference exists in the function node::BDCNode::~BDCNode() located in bdcnode.cpp. It allows an attacker to cause Denial of Service.
- CVE-2021-39541MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in pdftools through 20200714. A NULL pointer dereference exists in the function Analyze::AnalyzeXref() located in analyze.cpp. It allows an attacker to cause Denial of Service.
- CVE-2021-39542MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in pdftools through 20200714. A NULL pointer dereference exists in the function Font::Size() located in font.cpp. It allows an attacker to cause Denial of Service.
- CVE-2021-39543MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in pdftools through 20200714. A NULL pointer dereference exists in the function Analyze::AnalyzeRoot() located in analyze.cpp. It allows an attacker to cause Denial of Service.
- CVE-2021-39545MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in sela through 20200412. A NULL pointer dereference exists in the function rice::RiceDecoder::process() located in rice_decoder.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39547MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in sela through 20200412. A NULL pointer dereference exists in the function lpc::SampleGenerator::process() located in sample_generator.cpp. It allows an attacker to cause Denial of Service.
- CVE-2021-39548MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in sela through 20200412. A NULL pointer dereference exists in the function frame::FrameDecoder::process() located in frame_decoder.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39549MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in sela through 20200412. A NULL pointer dereference exists in the function file::WavFile::WavFile() located in wav_file.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39553MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function grealloc() located in gmem.cc. It allows an attacker to cause Denial of Service.
- CVE-2021-39554MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function Lexer::Lexer() located in Lexer.cc. It allows an attacker to cause Denial of Service.
- CVE-2021-39555MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function InfoOutputDev::type3D0() located in InfoOutputDev.cc. It allows an attacker to cause Denial of Service.
- CVE-2021-39556MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function InfoOutputDev::type3D1() located in InfoOutputDev.cc. It allows an attacker to cause Denial of Service.
- CVE-2021-39557MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function copyString() located in gmem.cc. It allows an attacker to cause Denial of Service.
- CVE-2021-39559MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function GString::~GString() located in GString.cc. It allows an attacker to cause Denial of Service.
- CVE-2021-39562MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function FileStream::makeSubStream() located in Stream.cc. It allows an attacker to cause Denial of Service.
- CVE-2021-39563MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_DumpActions() located in swfaction.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39575MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function dump_method() located in abc.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39583MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function pool_lookup_string2() located in pool.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39584MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function namespace_set_hash() located in pool.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39585MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function traits_dump() located in abc.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39587MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_DumpABC() located in abc.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39588MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_ReadABC() located in abc.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39589MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function parse_metadata() located in abc.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39590MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function params_dump() located in abc.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39591MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_GetShapeBoundingBox() located in swfshape.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39592MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function pool_lookup_uint() located in pool.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39593MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_FontExtract_DefineFontInfo() located in swftext.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39594MEDIUMCVSS 5.5EG 5.52021-09-20
Other An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function updateusage() located in swftext.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39596MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function code_parse() located in code.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39597MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function code_dump2() located in code.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39598MEDIUMCVSS 5.5EG 5.52021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function callcode() located in code.c. It allows an attacker to cause Denial of Service.
- CVE-2021-39804MEDIUMCVSS 6.5EG 6.52022-04-12
In reinit of HeifDecoderImpl.cpp, there is a possible crash due to a missing null check. This could lead to remote persistent denial of service in the file picker with no additional execution privileges needed. User interaction is needed f…
- CVE-2021-39849MEDIUMCVSS 5.5EG 5.52021-09-29
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability …
- CVE-2021-39850MEDIUMCVSS 5.5EG 5.52021-09-29
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability …
- CVE-2021-39851MEDIUMCVSS 5.5EG 5.52021-09-29
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability …
- CVE-2021-39852MEDIUMCVSS 5.5EG 5.52021-09-29
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability …
- CVE-2021-39853MEDIUMCVSS 5.5EG 5.52021-09-29
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability …
Map vulnerabilities like CWE-476 to your infrastructure
EchelonGraph correlates every CVE — across CWE-476 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →