Vulnerabilities > Improper Initialization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-15 | CVE-2018-0853 | Improper Initialization vulnerability in Microsoft Office 2010/2013/2016 Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow an information disclosure vulnerability, due to how Office initializes the affected variable, aka "Microsoft Office Information Disclosure Vulnerability". | 4.3 |
| 2018-02-15 | CVE-2018-0810 | Improper Initialization vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Server 2012 The Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2, and Windows Server 2012 allows an information disclosure vulnerability due to the way memory is initialized, aka "Windows Kernel Information Disclosure Vulnerability". | 1.9 |
| 2018-01-04 | CVE-2018-0746 | Improper Initialization vulnerability in Microsoft products The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka "Windows Information Disclosure Vulnerability". | 1.9 |
| 2018-01-04 | CVE-2018-0745 | Improper Initialization vulnerability in Microsoft Windows 10 and Windows Server 2016 The Windows kernel in Windows 10 version 1703. | 1.9 |
| 2017-12-26 | CVE-2017-12736 | Improper Initialization vulnerability in Siemens products A vulnerability has been identified in RUGGEDCOM ROS for RSL910 devices (All versions < ROS V5.0.1), RUGGEDCOM ROS for all other devices (All versions < ROS V4.3.4), SCALANCE XB-200/XC-200/XP-200/XR300-WG (All versions between V3.0 (including) and V3.0.2 (excluding)), SCALANCE XR-500/XM-400 (All versions between V6.1 (including) and V6.1.1 (excluding)). | 5.8 |
| 2017-12-11 | CVE-2017-15897 | Improper Initialization vulnerability in Nodejs Node.Js Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encoding for the fill value did not match the encoding specified. | 4.3 |
| 2017-12-06 | CVE-2017-13153 | Improper Initialization vulnerability in Google Android 8.0 An elevation of privilege vulnerability in the Android media framework (libaudioservice). | 7.2 |
| 2017-11-02 | CVE-2017-12262 | Improper Initialization vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an unauthenticated, adjacent attacker to gain privileged access to services only available on the internal network of the device. | 5.8 |
| 2017-09-21 | CVE-2017-14681 | Improper Initialization vulnerability in P3Scan Project P3Scan 3.0 The daemon in P3Scan 3.0_rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill `cat /pathname/p3scan.pid`" command, as demonstrated by etc/init.d/p3scan. | 2.1 |
| 2017-09-20 | CVE-2017-14610 | Improper Initialization vulnerability in Bareos bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command. | 4.6 |