CWE-476— NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.— MITRE CWE catalog
4,963 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-476page 85 of 100
- CVE-2025-50950HIGHCVSS 7.5EG 7.52025-10-23
Audiofile v0.3.7 was discovered to contain a NULL pointer dereference via the ModuleState::setup function.
- CVE-2025-50952MEDIUMCVSS 6.5EG 6.52025-08-07
openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c.
- CVE-2025-52424MEDIUMCVSS 4.9EG 4.92025-10-03
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52426MEDIUMCVSS 4.9EG 4.92026-01-02
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52427MEDIUMCVSS 4.9EG 4.92025-10-03
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52428MEDIUMCVSS 4.9EG 4.92025-10-03
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52430MEDIUMCVSS 4.9EG 4.92026-01-02
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52431MEDIUMCVSS 4.9EG 4.92026-01-02
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52432MEDIUMCVSS 4.9EG 4.92025-10-03
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52433MEDIUMCVSS 4.9EG 4.92025-10-03
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52585HIGHCVSS 7.5EG 7.52025-08-13
When a BIG-IP LTM Client SSL profile is configured on a virtual server with SSL Forward Proxy enabled and Anonymous Diffie-Hellman (ADH) ciphers enabled, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate.…
- CVE-2025-52853MEDIUMCVSS 4.9EG 4.92025-10-03
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52854MEDIUMCVSS 4.9EG 4.92025-10-03
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52855MEDIUMCVSS 4.9EG 4.92025-10-03
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52857MEDIUMCVSS 4.9EG 4.92025-10-03
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52858MEDIUMCVSS 4.9EG 4.92025-10-03
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52859MEDIUMCVSS 4.9EG 4.92025-10-03
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52860MEDIUMCVSS 4.9EG 4.92025-10-03
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52862MEDIUMCVSS 4.9EG 4.92025-10-03
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52865MEDIUMCVSS 6.5EG 6.52025-11-07
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the …
- CVE-2025-52866MEDIUMCVSS 4.9EG 4.92025-10-03
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-52984MEDIUMCVSS 5.9EG 5.92025-07-11
A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact to the availability of the device. When stat…
- CVE-2025-53010HIGHCVSS 7.5EG 7.52025-08-01
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null…
- CVE-2025-53011HIGHCVSS 7.5EG 7.52025-08-01
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null…
- CVE-2025-53141HIGHCVSS 7.8EG 7.82025-08-12
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- CVE-2025-53154HIGHCVSS 7.8EG 7.82025-08-12
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- CVE-2025-53170MEDIUMCVSS 4.0EG 4.02025-07-07
Null pointer dereference vulnerability in the application exit cause module Impact: Successful exploitation of this vulnerability may affect function stability.
- CVE-2025-53179MEDIUMCVSS 6.5EG 6.52025-07-07
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
- CVE-2025-53180MEDIUMCVSS 6.5EG 6.52025-07-07
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
- CVE-2025-53181MEDIUMCVSS 6.5EG 6.52025-07-07
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
- CVE-2025-53182MEDIUMCVSS 6.5EG 6.52025-07-07
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
- CVE-2025-53183MEDIUMCVSS 6.5EG 6.52025-07-07
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
- CVE-2025-53184MEDIUMCVSS 6.5EG 6.52025-07-07
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
- CVE-2025-53405MEDIUMCVSS 4.9EG 4.92026-01-02
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-53408MEDIUMCVSS 6.5EG 6.52025-11-07
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the …
- CVE-2025-53412MEDIUMCVSS 6.5EG 6.52025-11-07
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the …
- CVE-2025-53414MEDIUMCVSS 4.9EG 4.92026-01-02
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-53477HIGHCVSS 7.5EG 7.52026-01-10
NULL Pointer Dereference vulnerability in Apache Nimble. Missing validation of HCI connection complete or HCI command TX buffer could lead to NULL pointer dereference. This issue requires disabled asserts and broken or bogus Bluetooth con…
- CVE-2025-53589MEDIUMCVSS 4.9EG 4.92026-01-02
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-53590MEDIUMCVSS 4.9EG 4.92026-01-02
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-53592MEDIUMCVSS 6.5EG 6.52026-01-02
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We…
- CVE-2025-53596MEDIUMCVSS 4.9EG 4.92026-01-02
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) a…
- CVE-2025-53598MEDIUMCVSS 6.5EG 6.52026-02-11
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the v…
- CVE-2025-53603HIGHCVSS 7.5EG 7.52025-07-05
In Alinto SOPE SOGo 2.0.2 through 5.12.2, sope-core/NGExtensions/NGHashMap.m allows a NULL pointer dereference and SOGo crash via a request in which a parameter in the query string is a duplicate of a parameter in the POST body.
- CVE-2025-53716MEDIUMCVSS 6.5EG 6.52025-08-12
Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network.
- CVE-2025-53817HIGHCVSS 7.5EG 7.52025-07-17
7-Zip is a file archiver with a high compression ratio. 7-Zip supports extracting from Compound Documents. Prior to version 25.0.0, a null pointer dereference in the Compound handler may lead to denial of service. Version 25.0.0 contains a…
- CVE-2025-54146MEDIUMCVSS 6.5EG 6.52026-02-11
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the v…
- CVE-2025-54147MEDIUMCVSS 6.5EG 6.52026-02-11
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the v…
- CVE-2025-54148MEDIUMCVSS 6.5EG 6.52026-02-11
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the v…
- CVE-2025-54163MEDIUMCVSS 4.9EG 4.92026-02-11
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already …
Map vulnerabilities like CWE-476 to your infrastructure
EchelonGraph correlates every CVE — across CWE-476 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →