Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE-588:Attempt to Access Child of a Non-structure Pointer
Weakness ID:588
Version:v4.17
Weakness Name:Attempt to Access Child of a Non-structure Pointer
Vulnerability Mapping:Allowed
Abstraction:Variant
Structure:Simple
Status:Incomplete
Likelihood of Exploit:
DetailsContent HistoryObserved CVE ExamplesReports
3Vulnerabilities found
CVE-2026-21692
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.31% / 22.34%
||
7 Day CHG~0.00%
Published-07 Jan, 2026 | 21:56
Updated-12 Jan, 2026 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iccDEV has Type Confusion in ToXmlCurve() at IccXML/IccLibXML/IccMpeXml.cpp

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in `ToXmlCurve()` at `IccXML/IccLibXML/IccMpeXml.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.

Action-Not Available
Vendor-InternationalColorConsortiumInternational Color Consortium (ICC)
Product-iccdeviccDEV
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-588
Attempt to Access Child of a Non-structure Pointer
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2021-3510
Assigner-Zephyr Project
ShareView Details
Assigner-Zephyr Project
CVSS Score-7.5||HIGH
EPSS-0.93% / 55.98%
||
7 Day CHG~0.00%
Published-05 Oct, 2021 | 20:50
Updated-16 Sep, 2024 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zephyr JSON decoder incorrectly decodes array of array

Zephyr JSON decoder incorrectly decodes array of array. Zephyr versions >= >1.14.0, >= >2.5.0 contain Attempt to Access Child of a Non-structure Pointer (CWE-588). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-289f-7mw3-2qf4

Action-Not Available
Vendor-Zephyr Project
Product-zephyrzephyr
CWE ID-CWE-588
Attempt to Access Child of a Non-structure Pointer
CVE-2021-3319
Assigner-Zephyr Project
ShareView Details
Assigner-Zephyr Project
CVSS Score-6.5||MEDIUM
EPSS-0.85% / 53.47%
||
7 Day CHG~0.00%
Published-05 Oct, 2021 | 20:50
Updated-16 Sep, 2024 | 22:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses

DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses. Zephyr versions >= > v2.4.0 contain NULL Pointer Dereference (CWE-476), Attempt to Access Child of a Non-structure Pointer (CWE-588). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94jg-2p6q-5364

Action-Not Available
Vendor-Zephyr Project
Product-zephyrzephyr
CWE ID-CWE-588
Attempt to Access Child of a Non-structure Pointer
CWE ID-CWE-476
NULL Pointer Dereference