CWE-822
AllowedUntrusted Pointer Dereference
Abstraction: Base · Status: Incomplete
The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.
380 vulnerabilities reference this CWE, most recent first.
GHSA-98G3-X4RC-FJ4G
Vulnerability from github – Published: 2024-06-11 18:30 – Updated: 2025-10-22 00:33Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-35250"
],
"database_specific": {
"cwe_ids": [
"CWE-119",
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-11T17:16:02Z",
"severity": "HIGH"
},
"details": "Windows Kernel-Mode Driver Elevation of Privilege Vulnerability",
"id": "GHSA-98g3-x4rc-fj4g",
"modified": "2025-10-22T00:33:03Z",
"published": "2024-06-11T18:30:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35250"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35250"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-35250"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9G9X-FC99-93R6
Vulnerability from github – Published: 2025-10-14 18:30 – Updated: 2025-11-17 21:31Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax modem hardware dependent on this specific driver will no longer work on Windows. Microsoft recommends removing any existing dependencies on this hardware.
{
"affected": [],
"aliases": [
"CVE-2025-24990"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-14T17:15:39Z",
"severity": "HIGH"
},
"details": "Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update.\nFax modem hardware dependent on this specific driver will no longer work on Windows.\nMicrosoft recommends removing any existing dependencies on this hardware.",
"id": "GHSA-9g9x-fc99-93r6",
"modified": "2025-11-17T21:31:19Z",
"published": "2025-10-14T18:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24990"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24990"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24990"
},
{
"type": "WEB",
"url": "https://www.vicarius.io/vsociety/posts/cve-2025-24990-detection-script-elevation-of-privilege-vulnerability-in-agere-modem-driver-affecting-windows"
},
{
"type": "WEB",
"url": "https://www.vicarius.io/vsociety/posts/cve-2025-24990-mitigation-script-elevation-of-privilege-vulnerability-in-agere-modem-driver-affecting-windows"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9GWR-5P9W-WH2W
Vulnerability from github – Published: 2025-12-09 18:30 – Updated: 2025-12-09 18:30Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
{
"affected": [],
"aliases": [
"CVE-2025-62556"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-09T18:16:00Z",
"severity": "HIGH"
},
"details": "Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.",
"id": "GHSA-9gwr-5p9w-wh2w",
"modified": "2025-12-09T18:30:46Z",
"published": "2025-12-09T18:30:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62556"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62556"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9VPR-GW8R-CM26
Vulnerability from github – Published: 2025-07-08 18:31 – Updated: 2025-07-08 18:31Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
{
"affected": [],
"aliases": [
"CVE-2025-49661"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-08T17:15:48Z",
"severity": "HIGH"
},
"details": "Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-9vpr-gw8r-cm26",
"modified": "2025-07-08T18:31:46Z",
"published": "2025-07-08T18:31:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49661"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49661"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9W2R-P3QJ-G3GM
Vulnerability from github – Published: 2024-02-06 06:30 – Updated: 2024-02-06 06:30Memory corruption while reading ACPI config through the user mode app.
{
"affected": [],
"aliases": [
"CVE-2023-43532"
],
"database_specific": {
"cwe_ids": [
"CWE-763",
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-06T06:16:02Z",
"severity": "HIGH"
},
"details": "Memory corruption while reading ACPI config through the user mode app.",
"id": "GHSA-9w2r-p3qj-g3gm",
"modified": "2024-02-06T06:30:32Z",
"published": "2024-02-06T06:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43532"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9X4C-46P7-5G2P
Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19879.
{
"affected": [],
"aliases": [
"CVE-2023-34311"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-03T02:15:32Z",
"severity": "HIGH"
},
"details": "Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19879.",
"id": "GHSA-9x4c-46p7-5g2p",
"modified": "2024-05-03T03:30:52Z",
"published": "2024-05-03T03:30:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34311"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-871"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9XC5-8CGR-5WJF
Vulnerability from github – Published: 2026-04-14 18:30 – Updated: 2026-04-14 18:30Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network.
{
"affected": [],
"aliases": [
"CVE-2026-33120"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-14T18:17:34Z",
"severity": "HIGH"
},
"details": "Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network.",
"id": "GHSA-9xc5-8cgr-5wjf",
"modified": "2026-04-14T18:30:43Z",
"published": "2026-04-14T18:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33120"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33120"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C76F-4G6W-3FF9
Vulnerability from github – Published: 2024-05-15 15:30 – Updated: 2024-07-03 18:41A memory corruption vulnerability in SdHost and SdMmcDevice in Insyde InsydeH2O kernel 5.2 before 05.29.09, kernel 5.3 before 05.38.09, kernel 5.4 before 05.46.09, kernel 5.5 before 05.54.09, and kernel 5.6 before 05.61.09 could lead to escalating privileges in SMM.
{
"affected": [],
"aliases": [
"CVE-2024-27353"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-15T15:15:08Z",
"severity": "HIGH"
},
"details": "A memory corruption vulnerability in SdHost and SdMmcDevice in Insyde InsydeH2O kernel 5.2 before 05.29.09, kernel 5.3 before 05.38.09, kernel 5.4 before 05.46.09, kernel 5.5 before 05.54.09, and kernel 5.6 before 05.61.09 could lead to escalating privileges in SMM.",
"id": "GHSA-c76f-4g6w-3ff9",
"modified": "2024-07-03T18:41:57Z",
"published": "2024-05-15T15:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27353"
},
{
"type": "WEB",
"url": "https://www.insyde.com/security-pledge"
},
{
"type": "WEB",
"url": "https://www.insyde.com/security-pledge/SA-2024001"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-CH5V-R2G3-8G6X
Vulnerability from github – Published: 2026-07-14 21:32 – Updated: 2026-07-14 21:32Bridge is affected by an Untrusted Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2026-48340"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-14T21:16:59Z",
"severity": "HIGH"
},
"details": "Bridge is affected by an Untrusted Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-ch5v-r2g3-8g6x",
"modified": "2026-07-14T21:32:24Z",
"published": "2026-07-14T21:32:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48340"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/bridge/apsb26-81.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CPC5-3X63-52VQ
Vulnerability from github – Published: 2024-01-10 00:30 – Updated: 2024-01-12 21:30AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference by a local network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.
{
"affected": [],
"aliases": [
"CVE-2023-34332"
],
"database_specific": {
"cwe_ids": [
"CWE-119",
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-09T23:15:07Z",
"severity": "HIGH"
},
"details": "\n\n\n\n\n\n\n\n\n\n\nAMI\u2019s SPx contains\na vulnerability in the BMC where an Attacker\nmay cause an untrusted pointer to dereference by a local network. A successful\nexploitation of this vulnerability may lead to a loss of confidentiality,\nintegrity, and/or availability. \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n",
"id": "GHSA-cpc5-3x63-52vq",
"modified": "2024-01-12T21:30:19Z",
"published": "2024-01-10T00:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34332"
},
{
"type": "WEB",
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
CAPEC-129: Pointer Manipulation
This attack pattern involves an adversary manipulating a pointer within a target application resulting in the application accessing an unintended memory location. This can result in the crashing of the application or, for certain pointer values, access to data that would not normally be possible or the execution of arbitrary code. Since pointers are simply integer variables, Integer Attacks may often be used in Pointer Attacks.