CWE-822
AllowedUntrusted Pointer Dereference
Abstraction: Base · Status: Incomplete
The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.
380 vulnerabilities reference this CWE, most recent first.
GHSA-PX3R-P5PH-HG48
Vulnerability from github – Published: 2023-11-14 18:30 – Updated: 2025-10-22 00:32Windows DWM Core Library Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2023-36033"
],
"database_specific": {
"cwe_ids": [
"CWE-119",
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-14T18:15:32Z",
"severity": "HIGH"
},
"details": "Windows DWM Core Library Elevation of Privilege Vulnerability",
"id": "GHSA-px3r-p5ph-hg48",
"modified": "2025-10-22T00:32:53Z",
"published": "2023-11-14T18:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36033"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36033"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-36033"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-Q5MJ-PV22-GX44
Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of XE files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17948.
{
"affected": [],
"aliases": [
"CVE-2023-34300"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-03T02:15:30Z",
"severity": "HIGH"
},
"details": "Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XE files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17948.",
"id": "GHSA-q5mj-pv22-gx44",
"modified": "2024-05-03T03:30:52Z",
"published": "2024-05-03T03:30:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34300"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-860"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-Q8C2-3RHW-WC9H
Vulnerability from github – Published: 2024-04-09 18:30 – Updated: 2024-04-09 18:30Windows rndismp6.sys Remote Code Execution Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-26252"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-09T17:15:46Z",
"severity": "MODERATE"
},
"details": "Windows rndismp6.sys Remote Code Execution Vulnerability",
"id": "GHSA-q8c2-3rhw-wc9h",
"modified": "2024-04-09T18:30:26Z",
"published": "2024-04-09T18:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26252"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26252"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-Q8G8-H36V-WCV9
Vulnerability from github – Published: 2026-07-14 18:32 – Updated: 2026-07-14 18:32Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
{
"affected": [],
"aliases": [
"CVE-2026-55136"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-14T18:18:20Z",
"severity": "HIGH"
},
"details": "Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.",
"id": "GHSA-q8g8-h36v-wcv9",
"modified": "2026-07-14T18:32:36Z",
"published": "2026-07-14T18:32:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-55136"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55136"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-Q948-5M38-H2RM
Vulnerability from github – Published: 2026-07-14 18:32 – Updated: 2026-07-14 18:32Untrusted pointer dereference in Windows USB Hub Driver allows an authorized attacker to elevate privileges locally.
{
"affected": [],
"aliases": [
"CVE-2026-50479"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-14T18:17:53Z",
"severity": "HIGH"
},
"details": "Untrusted pointer dereference in Windows USB Hub Driver allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-q948-5m38-h2rm",
"modified": "2026-07-14T18:32:26Z",
"published": "2026-07-14T18:32:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50479"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50479"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QMX6-W9C6-PRH5
Vulnerability from github – Published: 2026-05-12 18:30 – Updated: 2026-05-12 18:30Untrusted pointer dereference for some Intel(R) QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
{
"affected": [],
"aliases": [
"CVE-2026-20738"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-12T17:16:16Z",
"severity": "HIGH"
},
"details": "Untrusted pointer dereference for some Intel(R) QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.",
"id": "GHSA-qmx6-w9c6-prh5",
"modified": "2026-05-12T18:30:39Z",
"published": "2026-05-12T18:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20738"
},
{
"type": "WEB",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-QR6C-XFWP-C8RR
Vulnerability from github – Published: 2024-10-08 18:33 – Updated: 2024-10-08 18:33Windows Print Spooler Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-43529"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-08T18:15:17Z",
"severity": "HIGH"
},
"details": "Windows Print Spooler Elevation of Privilege Vulnerability",
"id": "GHSA-qr6c-xfwp-c8rr",
"modified": "2024-10-08T18:33:16Z",
"published": "2024-10-08T18:33:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43529"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43529"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QRQG-QPC8-3VW4
Vulnerability from github – Published: 2026-01-13 18:31 – Updated: 2026-01-13 18:31Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an unauthorized attacker to disclose information locally.
{
"affected": [],
"aliases": [
"CVE-2026-20935"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-13T18:16:20Z",
"severity": "MODERATE"
},
"details": "Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an unauthorized attacker to disclose information locally.",
"id": "GHSA-qrqg-qpc8-3vw4",
"modified": "2026-01-13T18:31:10Z",
"published": "2026-01-13T18:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20935"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20935"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QRX3-CFVV-P9X8
Vulnerability from github – Published: 2022-05-24 17:38 – Updated: 2022-10-07 00:01A vulnerability has been identified in JT2Go (All Versions < V13.1.0), JT2Go (V 13.1.0), Teamcenter Visualization (All Versions < V13.1.0), Teamcenter Visualization (V 13.1.0). Affected applications lack proper validation of user-supplied data when parsing ASM files. This could lead to pointer dereferences of a value obtained from untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process.
{
"affected": [],
"aliases": [
"CVE-2020-26991"
],
"database_specific": {
"cwe_ids": [
"CWE-476",
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-01-12T21:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in JT2Go (All Versions \u003c V13.1.0), JT2Go (V 13.1.0), Teamcenter Visualization (All Versions \u003c V13.1.0), Teamcenter Visualization (V 13.1.0). Affected applications lack proper validation of user-supplied data when parsing ASM files. This could lead to pointer dereferences of a value obtained from untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process.",
"id": "GHSA-qrx3-cfvv-p9x8",
"modified": "2022-10-07T00:01:03Z",
"published": "2022-05-24T17:38:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26991"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-663999.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-053"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QV45-76WR-JP6V
Vulnerability from github – Published: 2026-01-05 21:30 – Updated: 2026-01-05 21:30An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. An invalid kernel address dereference in the issimian device driver leads to a denial of service.
{
"affected": [],
"aliases": [
"CVE-2025-52516"
],
"database_specific": {
"cwe_ids": [
"CWE-822"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-05T19:15:56Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. An invalid kernel address dereference in the issimian device driver leads to a denial of service.",
"id": "GHSA-qv45-76wr-jp6v",
"modified": "2026-01-05T21:30:32Z",
"published": "2026-01-05T21:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52516"
},
{
"type": "WEB",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates"
},
{
"type": "WEB",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-52516"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
CAPEC-129: Pointer Manipulation
This attack pattern involves an adversary manipulating a pointer within a target application resulting in the application accessing an unintended memory location. This can result in the crashing of the application or, for certain pointer values, access to data that would not normally be possible or the execution of arbitrary code. Since pointers are simply integer variables, Integer Attacks may often be used in Pointer Attacks.