Total
5193 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0389 | 1 Realnetworks | 1 Helix Universal Server | 2026-04-16 | 7.8 HIGH | 7.5 HIGH |
| RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote attackers to cause a denial of service (crash) via malformed requests that trigger a null dereference, as demonstrated using (1) GET_PARAMETER or (2) DESCRIBE requests. | |||||
| CVE-2003-1000 | 1 Xchat | 1 Xchat | 2026-04-16 | 5.0 MEDIUM | 7.5 HIGH |
| xchat 2.0.6 allows remote attackers to cause a denial of service (crash) via a passive DCC request with an invalid ID number, which causes a null dereference. | |||||
| CVE-2005-2459 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-04-16 | 5.0 MEDIUM | N/A |
| The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458. | |||||
| CVE-1999-0052 | 3 Bsdi, Freebsd, Openbsd | 3 Bsd Os, Freebsd, Openbsd | 2026-04-16 | 5.0 MEDIUM | 7.5 HIGH |
| IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash. | |||||
| CVE-2006-2661 | 3 Canonical, Debian, Freetype | 3 Ubuntu Linux, Debian Linux, Freetype | 2026-04-16 | 5.0 MEDIUM | N/A |
| ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference. | |||||
| CVE-2001-1559 | 1 Openbsd | 1 Openbsd | 2026-04-16 | 2.1 LOW | 5.5 MEDIUM |
| The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference. | |||||
| CVE-2023-46048 | 2026-04-15 | N/A | 6.2 MEDIUM | ||
| Tex Live 944e257 has a NULL pointer dereference in texk/web2c/pdftexdir/writet1.c. NOTE: this is disputed because it should be categorized as a usability problem. | |||||
| CVE-2025-20071 | 2026-04-15 | N/A | 6.5 MEDIUM | ||
| NULL pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2025-70954 | 2026-04-15 | N/A | 7.5 HIGH | ||
| A Null Pointer Dereference vulnerability exists in the TON Virtual Machine (TVM) within the TON Blockchain before v2025.06. The issue is located in the execution logic of the INMSGPARAM instruction, where the program fails to validate if a specific pointer is null before accessing it. By sending a malicious transaction or smart contract, an attacker can trigger this null pointer dereference, causing the validator node process to crash (segmentation fault). This results in a Denial of Service (DoS) affecting the availability of the entire blockchain network. | |||||
| CVE-2024-35492 | 2026-04-15 | N/A | 7.5 HIGH | ||
| Cesanta Mongoose commit b316989 was discovered to contain a NULL pointer dereference via the scpy function at src/fmt.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MQTT packet. | |||||
| CVE-2026-24813 | 2026-04-15 | N/A | N/A | ||
| NULL Pointer Dereference vulnerability in abcz316 SKRoot-linuxKernelRoot (testRoot/jni/utils modules). This vulnerability is associated with program files cJSON.Cpp. This issue affects SKRoot-linuxKernelRoot. | |||||
| CVE-2024-1241 | 2026-04-15 | N/A | 5.5 MEDIUM | ||
| Watchdog Antivirus v1.6.415 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002014 IOCTL code of the wsdk-driver.sys driver. | |||||
| CVE-2024-24445 | 2026-04-15 | N/A | 6.5 MEDIUM | ||
| OpenAirInterface CN5G AMF (oai-cn5g-amf) <= 2.0.0 contains a null dereference in its handling of unsupported NGAP protocol messages which allows an attacker with network-adjacent access to the AMF to carry out denial of service. When a procedure code/presence field tuple is received that is unsupported, OAI indexes into a null function pointer and subsequently dereferences it. | |||||
| CVE-2025-6398 | 2026-04-15 | N/A | N/A | ||
| A null pointer dereference vulnerability exists in the IOMap64.sys driver of ASUS AI Suite 3. The vulnerability can be triggered by a specially crafted input, which may lead to a system crash (BSOD). Refer to the ' Security Update for for AI Suite 3 ' section on the ASUS Security Advisory for more information. | |||||
| CVE-2024-20446 | 2026-04-15 | N/A | 8.6 HIGH | ||
| A vulnerability in the DHCPv6 relay agent of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific fields in a DHCPv6 RELAY-REPLY message. An attacker could exploit this vulnerability by sending a crafted DHCPv6 packet to any IPv6 address that is configured on an affected device. A successful exploit could allow the attacker to cause the dhcp_snoop process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. | |||||
| CVE-2023-45935 | 2026-04-15 | N/A | 4.2 MEDIUM | ||
| Qt 6 through 6.6 was discovered to contain a NULL pointer dereference via the function QXcbConnection::initializeAllAtoms(). NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X server. | |||||
| CVE-2024-43167 | 2026-04-15 | N/A | 2.8 LOW | ||
| DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made a claim that there is a security risk within Red Hat products. NLnet Labs has no further information about the claim, and suggests that affected Red Hat customers refer to available Red Hat documentation or support channels. ORIGINAL DESCRIPTION: A NULL pointer dereference flaw was found in the ub_ctx_set_fwd function in Unbound. This issue could allow an attacker who can invoke specific sequences of API calls to cause a segmentation fault. When certain API functions such as ub_ctx_set_fwd and ub_ctx_resolvconf are called in a particular order, the program attempts to read from a NULL pointer, leading to a crash. This issue can result in a denial of service by causing the application to terminate unexpectedly. | |||||
| CVE-2025-7007 | 2026-04-15 | N/A | 7.5 HIGH | ||
| NULL Pointer Dereference vulnerability in Avast Antivirus on MacOS, Avast Anitvirus on Linux when scanning a malformed Windows PE file causes the antivirus process to crash.This issue affects Antivirus: 16.0.0; Anitvirus: 3.0.3. | |||||
| CVE-2025-0009 | 2026-04-15 | N/A | 5.5 MEDIUM | ||
| A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss of availability. | |||||
| CVE-2024-29947 | 2026-04-15 | N/A | 2.7 LOW | ||
| There is a NULL dereference pointer vulnerability in some Hikvision NVRs. Due to an insufficient validation of a parameter in a message, an attacker may send specially crafted messages to an affected product, causing a process abnormality. | |||||