Weaknesses of type CWE-476
2,107 resultsCVE-2017-7511—poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents.EPSS 1.1%CVE-2024-38605HIGHALSA: core: Fix NULL module pointer assignment at card initEPSS 1.1%CVE-2023-28484MEDIUMIn libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This ocEPSS 1.1%CVE-2021-23191—A security issue was found in htmldoc v1.9.12 and before. A NULL pointer dereference in the function image_load_jpeg() in image.cxx may resuEPSS 1.1%CVE-2026-40405HIGHWindows TCP/IP Denial of Service VulnerabilityEPSS 1.1%CVE-2024-47542MEDIUMGHSL-2024-235: GStreamer ID3v2 parser out-of-bounds read and NULL-pointer dereferenceEPSS 1.1%CVE-2021-0251HIGHJunos OS: MX Series with MS-PIC, MS-SPC3, MS-MIC or MS-MPC: The BRAS Subscriber Services service activation portal is vulnerable to a Denial of Service (DoS) via malformed HTTP packetsEPSS 1.1%CVE-2025-58364MEDIUMcups: Remote DoS via null dereferenceEPSS 1.1%CVE-2024-24989HIGHNGINX HTTP/3 QUIC vulnerabilityEPSS 1.1%CVE-2020-1656HIGHJunos OS: When a DHCPv6 Relay-Agent is configured upon receipt of a specific DHCPv6 client message, Remote Code Execution may occur.EPSS 1.1%CVE-2026-32071HIGHWindows Local Security Authority Subsystem Service (LSASS) Denial of Service VulnerabilityEPSS 1.1%CVE-2018-12469—Incorrect handling of an invalid value for an HTTP request parameter by Directory Server (aka Enterprise Server Administration web UI) in MiEPSS 1.1%CVE-2024-47544MEDIUMGHSL-2024-238: GStreamer has NULL-pointer dereferences in MP4/MOV demuxer CENC handlingEPSS 1.1%CVE-2021-43824HIGHNull pointer dereference in envoyEPSS 1.0%CVE-2025-29835MEDIUMWindows Remote Access Connection Manager Information Disclosure VulnerabilityEPSS 1.0%CVE-2024-50609HIGHAn issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and listening on an IP address and port, one canEPSS 1.0%CVE-2024-50608HIGHAn issue was discovered in Fluent Bit 3.1.9. When the Prometheus Remote Write input plugin is running and listening on an IP address and porEPSS 1.0%CVE-2023-45931HIGHMesa 23.0.4 was discovered to contain a NULL pointer dereference in check_xshm() for the has_error state. NOTE: this is disputed because theEPSS 1.0%CVE-2021-37616MEDIUMNull pointer dereference in Exiv2::Internal::resolveLens0x8ffEPSS 1.0%CVE-2025-27113LOWlibxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.EPSS 1.0%