CWE-822
AllowedUntrusted Pointer Dereference
Abstraction: Base · Status: Incomplete
The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.
380 vulnerabilities reference this CWE, most recent first.
GHSA-83RP-XPX6-C58F
Vulnerability from github – Published: 2024-07-09 18:30 – Updated: 2024-07-09 18:30Secure Boot Security Feature Bypass Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-37969"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-09T17:15:23Z",
"severity": "HIGH"
},
"details": "Secure Boot Security Feature Bypass Vulnerability",
"id": "GHSA-83rp-xpx6-c58f",
"modified": "2024-07-09T18:30:50Z",
"published": "2024-07-09T18:30:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37969"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37969"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-85H2-C2JQ-7MG4
Vulnerability from github – Published: 2024-01-09 18:30 – Updated: 2024-01-09 18:30Windows Message Queuing Client (MSMQC) Information Disclosure
{
"affected": [],
"aliases": [
"CVE-2024-20680"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-09T18:15:51Z",
"severity": "MODERATE"
},
"details": "Windows Message Queuing Client (MSMQC) Information Disclosure",
"id": "GHSA-85h2-c2jq-7mg4",
"modified": "2024-01-09T18:30:28Z",
"published": "2024-01-09T18:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20680"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20680"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-85RC-78J2-FWQF
Vulnerability from github – Published: 2022-07-19 00:00 – Updated: 2022-07-29 00:00This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 17.1.1 (51537). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Parallels Tools component. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-16653.
{
"affected": [],
"aliases": [
"CVE-2022-34890"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-18T15:15:00Z",
"severity": "HIGH"
},
"details": "This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 17.1.1 (51537). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Parallels Tools component. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-16653.",
"id": "GHSA-85rc-78j2-fwqf",
"modified": "2022-07-29T00:00:41Z",
"published": "2022-07-19T00:00:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34890"
},
{
"type": "WEB",
"url": "https://kb.parallels.com/125013"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-941"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-88PR-7PR7-5QGQ
Vulnerability from github – Published: 2025-11-04 18:31 – Updated: 2025-11-04 21:31An issue was discovered in NPU in Samsung Mobile Processor Exynos through July 2025. There is an Untrusted Pointer Dereference of src_hdr in the copy_ncp_header function.
{
"affected": [],
"aliases": [
"CVE-2025-54331"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-04T17:16:22Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in NPU in Samsung Mobile Processor Exynos through July 2025. There is an Untrusted Pointer Dereference of src_hdr in the copy_ncp_header function.",
"id": "GHSA-88pr-7pr7-5qgq",
"modified": "2025-11-04T21:31:34Z",
"published": "2025-11-04T18:31:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54331"
},
{
"type": "WEB",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates"
},
{
"type": "WEB",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-54331"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-899W-W5QQ-HG5V
Vulnerability from github – Published: 2024-09-16 18:31 – Updated: 2025-11-04 00:31Untrusted pointer dereference in UEFI firmware for some Intel(R) reference processors may allow a privileged user to potentially enable escalation of privilege via local access.
{
"affected": [],
"aliases": [
"CVE-2023-42772"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-16T17:15:59Z",
"severity": "HIGH"
},
"details": "Untrusted pointer dereference in UEFI firmware for some Intel(R) reference processors may allow a privileged user to potentially enable escalation of privilege via local access.",
"id": "GHSA-899w-w5qq-hg5v",
"modified": "2025-11-04T00:31:25Z",
"published": "2024-09-16T18:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42772"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20241011-0009"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01071.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-8H3P-QVH8-FMVH
Vulnerability from github – Published: 2025-11-11 18:30 – Updated: 2025-11-11 18:30Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
{
"affected": [],
"aliases": [
"CVE-2025-60719"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-11T18:15:40Z",
"severity": "HIGH"
},
"details": "Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-8h3p-qvh8-fmvh",
"modified": "2025-11-11T18:30:21Z",
"published": "2025-11-11T18:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-60719"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60719"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8HJ8-3HCM-WR5Q
Vulnerability from github – Published: 2026-01-13 18:31 – Updated: 2026-01-13 18:31Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
{
"affected": [],
"aliases": [
"CVE-2026-20938"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-13T18:16:20Z",
"severity": "HIGH"
},
"details": "Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-8hj8-3hcm-wr5q",
"modified": "2026-01-13T18:31:10Z",
"published": "2026-01-13T18:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20938"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20938"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8JGP-25F5-RWMX
Vulnerability from github – Published: 2024-10-08 18:33 – Updated: 2024-10-08 18:33Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-37982"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-08T18:15:06Z",
"severity": "MODERATE"
},
"details": "Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability",
"id": "GHSA-8jgp-25f5-rwmx",
"modified": "2024-10-08T18:33:14Z",
"published": "2024-10-08T18:33:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37982"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37982"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8PJ9-4W5F-P42V
Vulnerability from github – Published: 2025-12-18 06:30 – Updated: 2025-12-18 06:30Information disclosure while processing system calls with invalid parameters.
{
"affected": [],
"aliases": [
"CVE-2025-47325"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-18T06:15:48Z",
"severity": "MODERATE"
},
"details": "Information disclosure while processing system calls with invalid parameters.",
"id": "GHSA-8pj9-4w5f-p42v",
"modified": "2025-12-18T06:30:13Z",
"published": "2025-12-18T06:30:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47325"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-93WW-RWV5-GJG4
Vulnerability from github – Published: 2024-11-12 18:30 – Updated: 2024-11-12 18:30Windows DWM Core Library Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-43629"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-12T18:15:31Z",
"severity": "HIGH"
},
"details": "Windows DWM Core Library Elevation of Privilege Vulnerability",
"id": "GHSA-93ww-rwv5-gjg4",
"modified": "2024-11-12T18:30:58Z",
"published": "2024-11-12T18:30:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43629"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43629"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
CAPEC-129: Pointer Manipulation
This attack pattern involves an adversary manipulating a pointer within a target application resulting in the application accessing an unintended memory location. This can result in the crashing of the application or, for certain pointer values, access to data that would not normally be possible or the execution of arbitrary code. Since pointers are simply integer variables, Integer Attacks may often be used in Pointer Attacks.