CWE-822
AllowedUntrusted Pointer Dereference
Abstraction: Base · Status: Incomplete
The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.
380 vulnerabilities reference this CWE, most recent first.
GHSA-CR45-2CWV-7V3M
Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30PDF-XChange Editor JavaScript String Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of strings. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20730.
{
"affected": [],
"aliases": [
"CVE-2023-40472"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-03T03:15:19Z",
"severity": "HIGH"
},
"details": "PDF-XChange Editor JavaScript String Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of strings. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20730.",
"id": "GHSA-cr45-2cwv-7v3m",
"modified": "2024-05-03T03:30:58Z",
"published": "2024-05-03T03:30:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40472"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1149"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CR72-PPQ4-X5Q2
Vulnerability from github – Published: 2025-07-08 18:31 – Updated: 2025-07-08 18:31Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally.
{
"affected": [],
"aliases": [
"CVE-2025-47985"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-08T17:15:39Z",
"severity": "HIGH"
},
"details": "Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-cr72-ppq4-x5q2",
"modified": "2025-07-08T18:31:45Z",
"published": "2025-07-08T18:31:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47985"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47985"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CVQR-F3J3-PP87
Vulnerability from github – Published: 2026-07-15 03:32 – Updated: 2026-07-15 03:32Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver, bypassing OS-enforced memory protections. Refer to the ' Security Update for ASUS System Control Interface ' section on the ASUS Security Advisory for more information.
{
"affected": [],
"aliases": [
"CVE-2026-15029"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-15T02:18:13Z",
"severity": "HIGH"
},
"details": "Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver, bypassing OS-enforced memory protections.\nRefer to the \u0027\u00a0\nSecurity Update for ASUS System Control Interface\u00a0\u00a0\u0027 section on the ASUS Security Advisory for more information.",
"id": "GHSA-cvqr-f3j3-pp87",
"modified": "2026-07-15T03:32:51Z",
"published": "2026-07-15T03:32:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-15029"
},
{
"type": "WEB",
"url": "https://www.asus.com/security-advisory"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-CWWV-G5CV-G7HC
Vulnerability from github – Published: 2026-01-13 18:31 – Updated: 2026-01-13 18:31Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
{
"affected": [],
"aliases": [
"CVE-2026-20948"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-13T18:16:22Z",
"severity": "HIGH"
},
"details": "Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.",
"id": "GHSA-cwwv-g5cv-g7hc",
"modified": "2026-01-13T18:31:10Z",
"published": "2026-01-13T18:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20948"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20948"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CX2C-WMGW-26RG
Vulnerability from github – Published: 2025-09-23 18:30 – Updated: 2025-10-02 15:31Untrusted Pointer Dereference vulnerability in RTI Connext Professional (Core Libraries) allows Pointer Manipulation.This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.2.0 before 7.3.0.9.
{
"affected": [],
"aliases": [
"CVE-2025-1255"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-23T18:15:31Z",
"severity": "HIGH"
},
"details": "Untrusted Pointer Dereference vulnerability in RTI Connext Professional (Core Libraries) allows Pointer Manipulation.This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.2.0 before 7.3.0.9.",
"id": "GHSA-cx2c-wmgw-26rg",
"modified": "2025-10-02T15:31:14Z",
"published": "2025-09-23T18:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1255"
},
{
"type": "WEB",
"url": "https://www.rti.com/vulnerabilities/#cve-2025-1255"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-CXR7-WQW9-GW4W
Vulnerability from github – Published: 2024-08-13 18:31 – Updated: 2024-08-13 18:31Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-38187"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-13T18:15:27Z",
"severity": "HIGH"
},
"details": "Windows Kernel-Mode Driver Elevation of Privilege Vulnerability",
"id": "GHSA-cxr7-wqw9-gw4w",
"modified": "2024-08-13T18:31:17Z",
"published": "2024-08-13T18:31:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38187"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38187"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F655-465J-G9VH
Vulnerability from github – Published: 2025-11-11 18:30 – Updated: 2025-11-11 18:30Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
{
"affected": [],
"aliases": [
"CVE-2025-60703"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-11T18:15:37Z",
"severity": "HIGH"
},
"details": "Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-f655-465j-g9vh",
"modified": "2025-11-11T18:30:21Z",
"published": "2025-11-11T18:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-60703"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60703"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F8JP-V63X-5QQW
Vulnerability from github – Published: 2025-09-09 18:31 – Updated: 2025-09-09 18:31Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
{
"affected": [],
"aliases": [
"CVE-2025-54905"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-09T17:16:02Z",
"severity": "HIGH"
},
"details": "Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally.",
"id": "GHSA-f8jp-v63x-5qqw",
"modified": "2025-09-09T18:31:22Z",
"published": "2025-09-09T18:31:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54905"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54905"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F92R-WCGF-9W93
Vulnerability from github – Published: 2025-10-09 06:30 – Updated: 2025-10-09 06:30Memory corruption while processing camera platform driver IOCTL calls.
{
"affected": [],
"aliases": [
"CVE-2025-27048"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-09T04:16:38Z",
"severity": "HIGH"
},
"details": "Memory corruption while processing camera platform driver IOCTL calls.",
"id": "GHSA-f92r-wcgf-9w93",
"modified": "2025-10-09T06:30:24Z",
"published": "2025-10-09T06:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27048"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FGMC-2V94-P53G
Vulnerability from github – Published: 2025-10-14 18:30 – Updated: 2025-10-14 18:30Untrusted pointer dereference in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.
{
"affected": [],
"aliases": [
"CVE-2025-55677"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-14T17:15:47Z",
"severity": "HIGH"
},
"details": "Untrusted pointer dereference in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-fgmc-2v94-p53g",
"modified": "2025-10-14T18:30:31Z",
"published": "2025-10-14T18:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55677"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55677"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
CAPEC-129: Pointer Manipulation
This attack pattern involves an adversary manipulating a pointer within a target application resulting in the application accessing an unintended memory location. This can result in the crashing of the application or, for certain pointer values, access to data that would not normally be possible or the execution of arbitrary code. Since pointers are simply integer variables, Integer Attacks may often be used in Pointer Attacks.