CWE-822
AllowedUntrusted Pointer Dereference
Abstraction: Base · Status: Incomplete
The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.
380 vulnerabilities reference this CWE, most recent first.
GHSA-M3H3-GHPX-M4XP
Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30PDF-XChange Editor EMF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of EMF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18766.
{
"affected": [],
"aliases": [
"CVE-2023-27342"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-03T02:15:11Z",
"severity": "HIGH"
},
"details": "PDF-XChange Editor EMF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of EMF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18766.",
"id": "GHSA-m3h3-ghpx-m4xp",
"modified": "2024-05-03T03:30:49Z",
"published": "2024-05-03T03:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27342"
},
{
"type": "WEB",
"url": "https://www.tracker-software.com/product/pdf-xchange-editor/history"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-354"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M7R7-9V2W-RJCG
Vulnerability from github – Published: 2026-07-14 18:32 – Updated: 2026-07-14 18:32Untrusted pointer dereference in Windows DirectX allows an authorized attacker to execute code locally.
{
"affected": [],
"aliases": [
"CVE-2026-50382"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-14T18:17:39Z",
"severity": "HIGH"
},
"details": "Untrusted pointer dereference in Windows DirectX allows an authorized attacker to execute code locally.",
"id": "GHSA-m7r7-9v2w-rjcg",
"modified": "2026-07-14T18:32:19Z",
"published": "2026-07-14T18:32:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50382"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50382"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M8PR-X6WC-R486
Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2023-10-03 15:30This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.3.84 (package 16.6.3.134). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12691.
{
"affected": [],
"aliases": [
"CVE-2021-31504"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-03T16:15:00Z",
"severity": "HIGH"
},
"details": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.3.84 (package 16.6.3.134). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12691.",
"id": "GHSA-m8pr-x6wc-r486",
"modified": "2023-10-03T15:30:27Z",
"published": "2022-05-24T19:09:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31504"
},
{
"type": "WEB",
"url": "https://www.cvedetails.com/vulnerability-list/vendor_id-2032/product_id-96672/Opentext-Brava-Desktop.html?page=1\u0026opec=1\u0026order=1\u0026trc=35\u0026sha=37f4ed0596f8ccacca7d571f22a38c97b0f19f4c"
},
{
"type": "WEB",
"url": "https://www.opentext.com/products/brava"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-646"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M972-QPP6-2R94
Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30Ashlar-Vellum Cobalt CO File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17909.
{
"affected": [],
"aliases": [
"CVE-2023-34301"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-03T02:15:31Z",
"severity": "HIGH"
},
"details": "Ashlar-Vellum Cobalt CO File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17909.",
"id": "GHSA-m972-qpp6-2r94",
"modified": "2024-05-03T03:30:52Z",
"published": "2024-05-03T03:30:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34301"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-861"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-MCFJ-JV8P-VP64
Vulnerability from github – Published: 2022-05-24 19:05 – Updated: 2023-10-03 15:30This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12746.
{
"affected": [],
"aliases": [
"CVE-2021-31500"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-15T19:15:00Z",
"severity": "HIGH"
},
"details": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12746.",
"id": "GHSA-mcfj-jv8p-vp64",
"modified": "2023-10-03T15:30:27Z",
"published": "2022-05-24T19:05:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31500"
},
{
"type": "WEB",
"url": "https://www.cvedetails.com/vulnerability-list/vendor_id-2032/product_id-96672/Opentext-Brava-Desktop.html?page=1\u0026opec=1\u0026order=1\u0026trc=35\u0026sha=37f4ed0596f8ccacca7d571f22a38c97b0f19f4c"
},
{
"type": "WEB",
"url": "https://www.opentext.com/products/brava"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-640"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-MF5X-MV5H-4G8W
Vulnerability from github – Published: 2024-10-08 18:33 – Updated: 2024-10-08 18:33Windows Secure Kernel Mode Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-43516"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-08T18:15:14Z",
"severity": "HIGH"
},
"details": "Windows Secure Kernel Mode Elevation of Privilege Vulnerability",
"id": "GHSA-mf5x-mv5h-4g8w",
"modified": "2024-10-08T18:33:15Z",
"published": "2024-10-08T18:33:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43516"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43516"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-MFPJ-F925-V5GX
Vulnerability from github – Published: 2023-06-14 00:30 – Updated: 2025-10-22 00:32Windows TPM Device Driver Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2023-29360"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-14T00:15:10Z",
"severity": "HIGH"
},
"details": "Windows TPM Device Driver Elevation of Privilege Vulnerability",
"id": "GHSA-mfpj-f925-v5gx",
"modified": "2025-10-22T00:32:44Z",
"published": "2023-06-14T00:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29360"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29360"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29360"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-MHC8-F455-FQC9
Vulnerability from github – Published: 2024-09-10 18:30 – Updated: 2024-09-10 18:30Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-37340"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-10T17:15:18Z",
"severity": "HIGH"
},
"details": "Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability",
"id": "GHSA-mhc8-f455-fqc9",
"modified": "2024-09-10T18:30:45Z",
"published": "2024-09-10T18:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37340"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37340"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-MP8H-QMXP-C39W
Vulnerability from github – Published: 2022-05-05 00:00 – Updated: 2022-05-13 00:00On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog.
{
"affected": [],
"aliases": [
"CVE-2022-20796"
],
"database_specific": {
"cwe_ids": [
"CWE-119",
"CWE-476",
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-04T17:15:00Z",
"severity": "MODERATE"
},
"details": "On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog.",
"id": "GHSA-mp8h-qmxp-c39w",
"modified": "2022-05-13T00:00:38Z",
"published": "2022-05-05T00:00:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20796"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-vL9x58p4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-MQGX-JHMV-PH2P
Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30PDF-XChange Editor App Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of App objects. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20729.
{
"affected": [],
"aliases": [
"CVE-2023-40471"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-03T03:15:19Z",
"severity": "HIGH"
},
"details": "PDF-XChange Editor App Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of App objects. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20729.",
"id": "GHSA-mqgx-jhmv-ph2p",
"modified": "2024-05-03T03:30:58Z",
"published": "2024-05-03T03:30:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40471"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1150"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
CAPEC-129: Pointer Manipulation
This attack pattern involves an adversary manipulating a pointer within a target application resulting in the application accessing an unintended memory location. This can result in the crashing of the application or, for certain pointer values, access to data that would not normally be possible or the execution of arbitrary code. Since pointers are simply integer variables, Integer Attacks may often be used in Pointer Attacks.