Weaknesses of type CWE-476
2,118 resultsCVE-2026-41684MEDIUMIncus: Nil Dereferences on Restore via Malformed YAMLEPSS 0.4%CVE-2025-70116MEDIUMA NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 files, an unknown/invalid stsd entry can result in missing desEPSS 0.4%CVE-2026-31256HIGHA null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931n. During the procesEPSS 0.4%CVE-2022-25733HIGHNull Pointer Dereference in MODEMEPSS 0.4%CVE-2022-25735HIGHNull Pointer Dereference in MODEMEPSS 0.4%CVE-2026-44316HIGHfree5GC: PCF npcf-smpolicycontrol POST /sm-policies panics on downstream UDR/OpenAPI 404 via nil pointer dereferenceEPSS 0.4%CVE-2022-41889MEDIUMSegfault via invalid attributes in `pywrap_tfe_src.cc` in TensorflowEPSS 0.4%CVE-2025-59148HIGHSuricata's improper use of entropy keyword can lead to a NULL-ptr derefEPSS 0.4%CVE-2025-45835HIGHA null pointer dereference vulnerability was discovered in Netis WF2880 v2.1.40207. The vulnerability exists in the FUN_004904c8 function ofEPSS 0.4%CVE-2023-37456—The session restore helper crashed whenever there was no parameter sent to the message handler. This vulnerability affects Firefox for iOS <EPSS 0.4%CVE-2025-53141HIGHWindows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2026-40413HIGHWindows TCP/IP Denial of Service VulnerabilityEPSS 0.4%CVE-2026-32134MEDIUMNanoMQ: NULL Pointer Dereference Crash in tcptran_pipe_peer During Session RestoreEPSS 0.4%CVE-2025-62785MEDIUMWazuh fillData NULL pointer dereference causes analysisd crashEPSS 0.4%CVE-2025-53154HIGHWindows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2023-37028MEDIUMA Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95EPSS 0.4%CVE-2025-55780HIGHA null pointer dereference occurs in the function break_word_for_overflow_wrap() in MuPDF 1.26.4 when rendering a malformed EPUB document. SEPSS 0.4%CVE-2026-32696LOWNanoMQ HTTP Auth: Missing username/password can trigger a NULL-pointer strlen() in auth_http.c:set_data(), causing a process crash — SIGSEGV, remotely triggerableEPSS 0.4%CVE-2021-42376—A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validEPSS 0.4%CVE-2026-40195HIGHIncus nil-pointer dereference in storage bucket import allows denial of serviceEPSS 0.4%