Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-65408

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-01 Dec, 2025 | 00:00
Updated At-01 Dec, 2025 | 19:32
Rejected At-
Credits

A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS file.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:01 Dec, 2025 | 00:00
Updated At:01 Dec, 2025 | 19:32
Rejected At:
â–¼CVE Numbering Authority (CNA)

A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS file.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/rgaufman/live555
N/A
https://shimo.im/docs/VMAPLVLp57SJ92Ag
N/A
Hyperlink: https://github.com/rgaufman/live555
Resource: N/A
Hyperlink: https://shimo.im/docs/VMAPLVLp57SJ92Ag
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-476CWE-476 NULL Pointer Dereference
Type: CWE
CWE ID: CWE-476
Description: CWE-476 NULL Pointer Dereference
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:01 Dec, 2025 | 17:15
Updated At:23 Dec, 2025 | 13:43

A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS file.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CPE Matches
live555
live555
>>streaming_media>>2018-09-02
cpe:2.3:a:live555:streaming_media:2018-09-02:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-476Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-476
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/rgaufman/live555cve@mitre.org
Product
https://shimo.im/docs/VMAPLVLp57SJ92Agcve@mitre.org
Exploit
Third Party Advisory
Hyperlink: https://github.com/rgaufman/live555
Source: cve@mitre.org
Resource:
Product
Hyperlink: https://shimo.im/docs/VMAPLVLp57SJ92Ag
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

135Records found
CVE-2021-38381
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 45.00%
||
7 Day CHG~0.00%
Published-10 Aug, 2021 | 17:16
Updated-04 Aug, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.

Action-Not Available
Vendor-live555n/a
Product-live555n/a
CWE ID-CWE-416
Use After Free
CVE-2021-38382
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 45.00%
||
7 Day CHG~0.00%
Published-10 Aug, 2021 | 17:15
Updated-04 Aug, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.

Action-Not Available
Vendor-live555n/a
Product-live555n/a
CWE ID-CWE-416
Use After Free
CVE-2025-65405
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 22.28%
||
7 Day CHG~0.00%
Published-01 Dec, 2025 | 00:00
Updated-23 Dec, 2025 | 13:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free in the ADTSAudioFileSource::samplingFrequency() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS/AAC file.

Action-Not Available
Vendor-live555n/a
Product-streaming_median/a
CWE ID-CWE-416
Use After Free
CVE-2025-65406
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 17.01%
||
7 Day CHG~0.00%
Published-01 Dec, 2025 | 00:00
Updated-23 Dec, 2025 | 13:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap overflow in the MatroskaFile::createRTPSinkForTrackNumber() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MKV file.

Action-Not Available
Vendor-live555n/a
Product-streaming_median/a
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2025-65407
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 22.28%
||
7 Day CHG~0.00%
Published-01 Dec, 2025 | 00:00
Updated-23 Dec, 2025 | 13:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free in the MPEG1or2Demux::newElementaryStream() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MPEG Program stream.

Action-Not Available
Vendor-live555n/a
Product-streaming_median/a
CWE ID-CWE-416
Use After Free
CVE-2025-65404
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 17.01%
||
7 Day CHG~0.00%
Published-01 Dec, 2025 | 00:00
Updated-23 Dec, 2025 | 13:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow in the getSideInfo2() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via a crafted MP3 stream.

Action-Not Available
Vendor-live555n/a
Product-streaming_median/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-40266
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 24.10%
||
7 Day CHG~0.00%
Published-22 Aug, 2023 | 00:00
Updated-03 Oct, 2024 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerabile to null pointer dereference.

Action-Not Available
Vendor-freeimage_projectn/a
Product-freeimagen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-39521
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.24% / 46.91%
||
7 Day CHG~0.00%
Published-20 Sep, 2021 | 15:26
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function bit_read_BB() located in bits.c. It allows an attacker to cause Denial of Service.

Action-Not Available
Vendor-n/aGNU
Product-libredwgn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-39523
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.24% / 46.91%
||
7 Day CHG~0.00%
Published-20 Sep, 2021 | 15:26
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function check_POLYLINE_handles() located in decode.c. It allows an attacker to cause Denial of Service.

Action-Not Available
Vendor-n/aGNU
Product-libredwgn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-39519
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.24% / 46.89%
||
7 Day CHG~0.00%
Published-20 Sep, 2021 | 15:26
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PullQData() located in blockbitmaprequester.cpp It allows an attacker to cause Denial of Service.

Action-Not Available
Vendor-jpegn/a
Product-libjpegn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-39532
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.24% / 46.91%
||
7 Day CHG~0.00%
Published-20 Sep, 2021 | 15:26
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libslax through v0.22.1. A NULL pointer dereference exists in the function slaxLexer() located in slaxlexer.c. It allows an attacker to cause Denial of Service.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.
Product-libslaxn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-39804
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.5||MEDIUM
EPSS-0.13% / 31.52%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 16:11
Updated-04 Aug, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In reinit of HeifDecoderImpl.cpp, there is a possible crash due to a missing null check. This could lead to remote persistent denial of service in the file picker with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-215002587

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-39520
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.24% / 46.89%
||
7 Day CHG~0.00%
Published-20 Sep, 2021 | 15:26
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PushReconstructedData() located in blockbitmaprequester.cpp. It allows an attacker to cause Denial of Service.

Action-Not Available
Vendor-jpegn/a
Product-libjpegn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-35307
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.31% / 54.01%
||
7 Day CHG~0.00%
Published-05 Aug, 2021 | 19:08
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the AP4_DescriptorFinder::Test component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS).

Action-Not Available
Vendor-n/aAxiomatic Systems, LLC
Product-bento4n/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-35306
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.31% / 54.01%
||
7 Day CHG~0.00%
Published-05 Aug, 2021 | 19:08
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the function AP4_StszAtom::WriteFields located in Ap4StszAtom.cpp. It allows an attacker to cause a denial of service (DOS).

Action-Not Available
Vendor-n/aAxiomatic Systems, LLC
Product-bento4n/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-3596
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.17% / 38.34%
||
7 Day CHG~0.00%
Published-24 Feb, 2022 | 00:00
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.

Action-Not Available
Vendor-n/aRed Hat, Inc.Debian GNU/LinuxFedora ProjectImageMagick Studio LLC
Product-debian_linuximagemagickfedoraenterprise_linuxImageMagick
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-16749
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.24% / 47.35%
||
7 Day CHG~0.00%
Published-09 Sep, 2018 | 15:00
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLCDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuximagemagickn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-33798
Matching Score-4
Assigner-Fedora Project
ShareView Details
Matching Score-4
Assigner-Fedora Project
CVSS Score-4.7||MEDIUM
EPSS-0.05% / 13.89%
||
7 Day CHG~0.00%
Published-07 Jul, 2023 | 17:39
Updated-28 Oct, 2024 | 15:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A null pointer dereference was found in libpano13, version libpano13-2.9.20. The flow allows attackers to cause a denial of service and potential code execute via a crafted file.

Action-Not Available
Vendor-libpano13_projectlibpano13
Product-libpano13libpano13
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-3316
Matching Score-4
Assigner-JFrog
ShareView Details
Matching Score-4
Assigner-JFrog
CVSS Score-5.9||MEDIUM
EPSS-0.02% / 6.40%
||
7 Day CHG~0.00%
Published-19 Jun, 2023 | 11:10
Updated-03 Nov, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.

A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.

Action-Not Available
Vendor-LibTIFF
Product-libtifflibtiff
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-40264
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 24.90%
||
7 Day CHG~0.00%
Published-22 Aug, 2023 | 00:00
Updated-03 Oct, 2024 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NULL pointer dereference vulnerability in FreeImage before 1.18.0 via the FreeImage_CloneTag function inFreeImageTag.cpp.

Action-Not Available
Vendor-freeimage_projectn/a
Product-freeimagen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-39515
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.26% / 49.16%
||
7 Day CHG~0.00%
Published-20 Sep, 2021 | 15:26
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function SampleInterleavedLSScan::ParseMCU() located in sampleinterleavedlsscan.cpp. It allows an attacker to cause Denial of Service.

Action-Not Available
Vendor-jpegn/a
Product-libjpegn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-39535
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.26% / 49.16%
||
7 Day CHG~0.00%
Published-20 Sep, 2021 | 15:26
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libxsmm through v1.16.1-93. A NULL pointer dereference exists in JIT code. It allows an attacker to cause Denial of Service.

Action-Not Available
Vendor-libxsmm_projectn/a
Product-libxsmmn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-39516
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.26% / 49.16%
||
7 Day CHG~0.00%
Published-20 Sep, 2021 | 15:26
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function HuffmanDecoder::Get() located in huffmandecoder.hpp. It allows an attacker to cause Denial of Service.

Action-Not Available
Vendor-jpegn/a
Product-libjpegn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-3408
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 26.42%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 03:32
Updated-04 Mar, 2026 | 02:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Open Babel CDXML File atom.cpp GetExplicitValence null pointer dereference

A vulnerability was identified in Open Babel up to 3.1.1. This impacts the function OBAtom::GetExplicitValence of the file isrc/atom.cpp of the component CDXML File Handler. Such manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit is publicly available and might be used. The name of the patch is e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a. It is best practice to apply a patch to resolve this issue.

Action-Not Available
Vendor-openbabeln/a
Product-open_babelOpen Babel
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-10126
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.64% / 70.66%
||
7 Day CHG+0.34%
Published-21 Apr, 2018 | 21:00
Updated-20 Aug, 2024 | 05:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other products, does not check for a NULL pointer at a certain place in jpeg_fdct_16x16 in jfdctint.c.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-28484
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.33% / 56.15%
||
7 Day CHG~0.00%
Published-24 Apr, 2023 | 00:00
Updated-30 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.

Action-Not Available
Vendor-n/alibxml2 (XMLSoft)Debian GNU/Linux
Product-libxml2debian_linuxn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-30485
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.46% / 80.95%
||
7 Day CHG~0.00%
Published-11 Apr, 2021 | 15:06
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd(), while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference while running strcmp() on a NULL pointer.

Action-Not Available
Vendor-ezxml_projectn/aDebian GNU/Linux
Product-ezxmldebian_linuxn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-57719
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 33.13%
||
7 Day CHG~0.00%
Published-23 Jan, 2025 | 00:00
Updated-15 Apr, 2025 | 17:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

lunasvg v3.0.0 was discovered to contain a segmentation violation via the component blend_transformed_tiled_argb.isra.0.

Action-Not Available
Vendor-sammycagen/a
Product-lunasvgn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-27836
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.42% / 62.07%
||
7 Day CHG~0.00%
Published-03 Nov, 2021 | 16:07
Updated-03 Aug, 2024 | 21:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a crafted XLS file.

Action-Not Available
Vendor-libxls_projectn/aFedora Project
Product-fedoralibxlsn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-24751
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.36% / 58.16%
||
7 Day CHG~0.00%
Published-01 Mar, 2023 | 00:00
Updated-07 Mar, 2025 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.

Action-Not Available
Vendor-strukturn/aDebian GNU/Linux
Product-debian_linuxlibde265n/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-21691
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.4||MEDIUM
EPSS-0.13% / 31.83%
||
7 Day CHG~0.00%
Published-07 Jan, 2026 | 21:53
Updated-12 Jan, 2026 | 18:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iccDEV has Type Confusion in CIccTag:IsTypeCompressed()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in `CIccTag:IsTypeCompressed()`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.

Action-Not Available
Vendor-InternationalColorConsortiumInternational Color Consortium (ICC)
Product-iccdeviccDEV
CWE ID-CWE-1025
Comparison Using Wrong Factors
CWE ID-CWE-140
Improper Neutralization of Delimiters
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-476
NULL Pointer Dereference
CWE ID-CWE-697
Incorrect Comparison
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2026-21680
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 16.21%
||
7 Day CHG~0.00%
Published-07 Jan, 2026 | 17:50
Updated-09 Jan, 2026 | 21:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iccDEV has Null Pointer Dereference in CIccProfile::CheckTagTypes()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a NULL pointer dereference vulnerability. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.

Action-Not Available
Vendor-InternationalColorConsortiumInternational Color Consortium (ICC)
Product-iccdeviccDEV
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-21689
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.13% / 31.83%
||
7 Day CHG~0.00%
Published-07 Jan, 2026 | 21:46
Updated-12 Jan, 2026 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iccDEV has Type Confusion in CIccProfileXml::ParseBasic() at IccXML/IccLibXML/IccProfileXml.cpp

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in `CIccProfileXml::ParseBasic()` at `IccXML/IccLibXML/IccProfileXml.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.

Action-Not Available
Vendor-InternationalColorConsortiumInternational Color Consortium (ICC)
Product-iccdeviccDEV
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-232
Improper Handling of Undefined Values
CWE ID-CWE-476
NULL Pointer Dereference
CWE ID-CWE-690
Unchecked Return Value to NULL Pointer Dereference
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2024-55193
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.21% / 42.44%
||
7 Day CHG~0.00%
Published-23 Jan, 2025 | 00:00
Updated-29 Jan, 2025 | 15:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenImageIO v3.1.0.0dev was discovered to contain a segmentation violation via the component /OpenImageIO/string_view.h.

Action-Not Available
Vendor-openimageion/a
Product-openimageion/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-56430
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-2.9||LOW
EPSS-0.04% / 13.25%
||
7 Day CHG~0.00%
Published-25 Dec, 2024 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenFHE through 1.2.3 has a NULL pointer dereference in BinFHEContext::EvalFloor in lib/binfhe-base-scheme.cpp.

Action-Not Available
Vendor-OpenFHE
Product-OpenFHE
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-20233
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.12% / 30.14%
||
7 Day CHG~0.00%
Published-13 Sep, 2023 | 16:40
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Connectivity Fault Management (CFM) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incorrect processing of invalid continuity check messages (CCMs). An attacker could exploit this vulnerability by sending crafted CCMs to an affected device. A successful exploit could allow the attacker to cause the CFM service to crash when a user displays information about maintenance end points (MEPs) for peer MEPs on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Software
CWE ID-CWE-476
NULL Pointer Dereference
CWE ID-CWE-354
Improper Validation of Integrity Check Value
CVE-2017-9216
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.89% / 75.67%
||
7 Day CHG~0.00%
Published-24 May, 2017 | 04:56
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid file.

Action-Not Available
Vendor-n/aArtifex Software Inc.Debian GNU/Linux
Product-jbig2decdebian_linuxn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-1994
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.35% / 57.26%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Fedora ProjectDebian GNU/LinuxWireshark Foundation
Product-fedoradebian_linuxwiresharkWireshark
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-12950
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-4.37% / 89.02%
||
7 Day CHG~0.00%
Published-28 Aug, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gig::Region::Region function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.

Action-Not Available
Vendor-linuxsamplern/a
Product-libgign/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-6795
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.69% / 71.83%
||
7 Day CHG~0.00%
Published-02 Mar, 2020 | 04:05
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When processing a message that contains multiple S/MIME signatures, a bug in the MIME processing code caused a null pointer dereference, leading to an unexploitable crash. This vulnerability affects Thunderbird < 68.5.

Action-Not Available
Vendor-Mozilla Corporation
Product-thunderbirdThunderbird
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-1000879
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.69% / 71.86%
||
7 Day CHG~0.00%
Published-20 Dec, 2018 | 17:00
Updated-05 Aug, 2024 | 12:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted archive file.

Action-Not Available
Vendor-n/aFedora ProjectlibarchiveopenSUSE
Product-fedoralibarchiveleapn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-36135
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 29.15%
||
7 Day CHG~0.00%
Published-02 Dec, 2021 | 00:00
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component rate_hist.c.

Action-Not Available
Vendor-aomedian/a
Product-aomedian/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-64086
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 22.95%
||
7 Day CHG-0.07%
Published-09 Dec, 2025 | 00:00
Updated-11 Dec, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A NULL pointer dereference vulnerability in the util.readFileIntoStream component of PDF-XChange Editor v10.7.3.401 allows attackers to cause a Denial of Service (DoS) via a crafted input.

Action-Not Available
Vendor-n/aPDF-XChange Co Ltd.
Product-pdf-xchange_editorn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-36149
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.29% / 51.95%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 20:13
Updated-04 Aug, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).

Action-Not Available
Vendor-symonicsn/aFedora Project
Product-libmysofafedoran/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-36148
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.29% / 51.95%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 20:13
Updated-04 Aug, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).

Action-Not Available
Vendor-symonicsn/aFedora Project
Product-libmysofafedoran/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-36130
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 29.15%
||
7 Day CHG~0.00%
Published-02 Dec, 2021 | 00:00
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1_dx_iface.c.

Action-Not Available
Vendor-aomedian/a
Product-aomedian/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-28163
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.48% / 65.23%
||
7 Day CHG~0.00%
Published-15 Apr, 2023 | 00:00
Updated-06 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname.

Action-Not Available
Vendor-libdwarf_projectn/a
Product-libdwarfn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-35484
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.51% / 66.28%
||
7 Day CHG~0.00%
Published-16 Aug, 2022 | 20:13
Updated-03 Aug, 2024 | 09:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6b6a8f.

Action-Not Available
Vendor-otfcc_projectn/a
Product-otfccn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-53179
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 33.63%
||
7 Day CHG+0.10%
Published-07 Jul, 2025 | 02:16
Updated-09 Jul, 2025 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-53182
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 33.63%
||
7 Day CHG+0.10%
Published-07 Jul, 2025 | 02:24
Updated-09 Jul, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-476
NULL Pointer Dereference
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found