CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Related To CWE-476

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-43668 476 DoS 2021-11-18 2021-11-23
2.1
None Local Low Not required None None Partial
Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a serial of messages and cannot be recovered. They will crash with "runtime error: invalid memory address or nil pointer dereference" and arise a SEGV signal.
2 CVE-2021-43667 476 2021-11-18 2021-11-23
5.0
None Remote Low Not required None None Partial
A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0, v2.1.0. This bug can be leveraged by constructing a message whose payload is nil and sending this message with the method 'forwardToLeader'. This bug has been admitted and fixed by the developers of Fabric. If leveraged, any leader node will crash.
3 CVE-2021-43016 476 2021-11-22 2021-11-25
4.3
None Remote Medium Not required None None Partial
Adobe InCopy version 16.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
4 CVE-2021-42376 476 DoS 2021-11-15 2021-11-29
1.9
None Local Medium Not required None None Partial
A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input.
5 CVE-2021-42373 476 DoS 2021-11-15 2021-11-29
2.1
None Local Low Not required None None Partial
A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given
6 CVE-2021-42268 476 2021-11-18 2021-11-18
4.3
None Remote Medium Not required None None Partial
Adobe Animate version 21.0.9 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted FLA file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7 CVE-2021-41524 476 2021-10-05 2021-11-28
5.0
None Remote Low Not required None None Partial
While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project.
8 CVE-2021-41217 476 2021-11-05 2021-11-09
2.1
None Local Low Not required None None Partial
TensorFlow is an open source platform for machine learning. In affected versions the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when nodes that should be paired are not. This occurs because the code assumes that the first node in the pairing (e.g., an `Enter` node) always exists when encountering the second node (e.g., an `Exit` node). When this is not the case, `parent` is `nullptr` so dereferencing it causes a crash. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.
9 CVE-2021-41215 476 2021-11-05 2021-11-09
2.1
None Local Low Not required None None Partial
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `DeserializeSparse` can trigger a null pointer dereference. This is because the shape inference function assumes that the `serialize_sparse` tensor is a tensor with positive rank (and having `3` as the last dimension). The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.
10 CVE-2021-41208 476 DoS 2021-11-05 2021-11-09
4.6
None Local Low Not required Partial Partial Partial
TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service (via dereferencing `nullptr`s or via `CHECK`-failures) as well as abuse undefined behavior (binding references to `nullptr`s). An attacker can also read and write from heap buffers, depending on the API that gets used and the arguments that are passed to the call. Given that the boosted trees implementation in TensorFlow is unmaintained, it is recommend to no longer use these APIs. We will deprecate TensorFlow's boosted trees APIs in subsequent releases. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.
11 CVE-2021-40774 476 2021-11-22 2021-11-24
4.3
None Remote Medium Not required None None Partial
Adobe Prelude version 10.1 (and earlier) is affected by a null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
12 CVE-2021-40773 476 2021-11-22 2021-11-24
4.3
None Remote Medium Not required None None Partial
Adobe Prelude version 10.1 (and earlier) is affected by a null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
13 CVE-2021-40761 476 2021-11-18 2021-11-19
4.3
None Remote Medium Not required None None Partial
Adobe After Effects version 18.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
14 CVE-2021-40756 476 2021-11-18 2021-11-19
4.3
None Remote Medium Not required None None Partial
Adobe After Effects version 18.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
15 CVE-2021-40732 476 DoS 2021-10-13 2021-10-27
5.8
None Remote Medium Not required Partial None Partial
XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer dereference vulnerability that could result in leaking data from certain memory locations and causing a local denial of service in the context of the current user. User interaction is required to exploit this vulnerability in that the victim will need to open a specially crafted MXF file.
16 CVE-2021-40157 476 2021-09-15 2021-09-27
9.3
None Remote Medium Not required Complete Complete Complete
A user may be tricked into opening a malicious FBX file which may exploit an Untrusted Pointer Dereference vulnerability in FBX’s Review version 1.5.0 and prior causing it to run arbitrary code on the system.
17 CVE-2021-39928 476 DoS 2021-11-18 2021-12-03
5.0
None Remote Low Not required None None Partial
NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
18 CVE-2021-39923 476 DoS 2021-11-19 2021-12-07
5.0
None Remote Low Not required None None Partial
Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
19 CVE-2021-39921 476 DoS 2021-11-19 2021-12-03
5.0
None Remote Low Not required None None Partial
NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
20 CVE-2021-39920 476 DoS 2021-11-18 2021-12-03
5.0
None Remote Low Not required None None Partial
NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file
21 CVE-2021-39860 476 2021-09-29 2021-10-07
4.3
None Remote Medium Not required Partial None None
Acrobat Pro DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive user memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
22 CVE-2021-39854 476 2021-09-29 2021-10-06
4.3
None Remote Medium Not required None None Partial
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
23 CVE-2021-39853 476 2021-09-29 2021-10-06
4.3
None Remote Medium Not required None None Partial
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
24 CVE-2021-39852 476 2021-09-29 2021-10-06
4.3
None Remote Medium Not required None None Partial
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
25 CVE-2021-39851 476 2021-09-29 2021-10-06
4.3
None Remote Medium Not required None None Partial
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
26 CVE-2021-39850 476 2021-09-29 2021-10-06
4.3
None Remote Medium Not required None None Partial
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
27 CVE-2021-39849 476 2021-09-29 2021-10-06
4.3
None Remote Medium Not required None None Partial
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
28 CVE-2021-39598 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function callcode() located in code.c. It allows an attacker to cause Denial of Service.
29 CVE-2021-39597 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function code_dump2() located in code.c. It allows an attacker to cause Denial of Service.
30 CVE-2021-39596 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function code_parse() located in code.c. It allows an attacker to cause Denial of Service.
31 CVE-2021-39594 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
Other An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function updateusage() located in swftext.c. It allows an attacker to cause Denial of Service.
32 CVE-2021-39593 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_FontExtract_DefineFontInfo() located in swftext.c. It allows an attacker to cause Denial of Service.
33 CVE-2021-39592 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function pool_lookup_uint() located in pool.c. It allows an attacker to cause Denial of Service.
34 CVE-2021-39591 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_GetShapeBoundingBox() located in swfshape.c. It allows an attacker to cause Denial of Service.
35 CVE-2021-39590 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function params_dump() located in abc.c. It allows an attacker to cause Denial of Service.
36 CVE-2021-39589 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function parse_metadata() located in abc.c. It allows an attacker to cause Denial of Service.
37 CVE-2021-39588 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_ReadABC() located in abc.c. It allows an attacker to cause Denial of Service.
38 CVE-2021-39587 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_DumpABC() located in abc.c. It allows an attacker to cause Denial of Service.
39 CVE-2021-39585 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function traits_dump() located in abc.c. It allows an attacker to cause Denial of Service.
40 CVE-2021-39584 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function namespace_set_hash() located in pool.c. It allows an attacker to cause Denial of Service.
41 CVE-2021-39583 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function pool_lookup_string2() located in pool.c. It allows an attacker to cause Denial of Service.
42 CVE-2021-39575 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function dump_method() located in abc.c. It allows an attacker to cause Denial of Service.
43 CVE-2021-39563 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_DumpActions() located in swfaction.c. It allows an attacker to cause Denial of Service.
44 CVE-2021-39562 476 DoS 2021-09-20 2021-09-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function FileStream::makeSubStream() located in Stream.cc. It allows an attacker to cause Denial of Service.
45 CVE-2021-39559 476 DoS 2021-09-20 2021-09-23
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function GString::~GString() located in GString.cc. It allows an attacker to cause Denial of Service.
46 CVE-2021-39557 476 DoS 2021-09-20 2021-09-23
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function copyString() located in gmem.cc. It allows an attacker to cause Denial of Service.
47 CVE-2021-39556 476 DoS 2021-09-20 2021-09-23
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function InfoOutputDev::type3D1() located in InfoOutputDev.cc. It allows an attacker to cause Denial of Service.
48 CVE-2021-39555 476 DoS 2021-09-20 2021-09-23
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function InfoOutputDev::type3D0() located in InfoOutputDev.cc. It allows an attacker to cause Denial of Service.
49 CVE-2021-39554 476 DoS 2021-09-20 2021-09-23
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function Lexer::Lexer() located in Lexer.cc. It allows an attacker to cause Denial of Service.
50 CVE-2021-39553 476 DoS 2021-09-20 2021-09-23
4.3
None Remote Medium Not required None None Partial
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function grealloc() located in gmem.cc. It allows an attacker to cause Denial of Service.
Total number of vulnerabilities : 1557   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.