Vulnerabilities > Improper Initialization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-29 | CVE-2017-8576 | Improper Initialization vulnerability in Microsoft Windows 10 and Windows Server 2016 The graphics component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to run arbitrary code in kernel mode via a specially crafted application, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability." | 6.9 |
| 2017-06-14 | CVE-2017-0641 | Improper Initialization vulnerability in Google Android A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 7.1 |
| 2017-06-06 | CVE-2014-9942 | Improper Initialization vulnerability in Google Android In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable vulnerability could potentially exist. | 9.3 |
| 2017-02-03 | CVE-2017-3820 | Improper Initialization vulnerability in Cisco IOS XE 3.13.6S/3.16.2S/3.17.1S A vulnerability in Simple Network Management Protocol (SNMP) functions of Cisco ASR 1000 Series Aggregation Services Routers running Cisco IOS XE Software Release 3.13.6S, 3.16.2S, or 3.17.1S could allow an authenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. | 6.8 |
| 2017-01-23 | CVE-2016-9446 | Improper Initialization vulnerability in multiple products The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas. | 7.5 |
| 2016-12-10 | CVE-2016-6836 | Improper Initialization vulnerability in multiple products The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcq_descr object. | 6.0 |
| 2014-09-18 | CVE-2014-4371 | Improper Initialization vulnerability in Apple Iphone OS, mac OS X and Tvos The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4419, CVE-2014-4420, and CVE-2014-4421. | 1.9 |
| 2014-05-28 | CVE-2014-0178 | Improper Initialization vulnerability in Samba Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, which allows remote authenticated users to obtain potentially sensitive information from process memory via a (1) FSCTL_GET_SHADOW_COPY_DATA or (2) FSCTL_SRV_ENUMERATE_SNAPSHOTS request. | 3.5 |
| 2013-06-08 | CVE-2011-4087 | Improper Initialization vulnerability in Linux Kernel The br_parse_ip_options function in net/bridge/br_netfilter.c in the Linux kernel before 2.6.39 does not properly initialize a certain data structure, which allows remote attackers to cause a denial of service by leveraging connectivity to a network interface that uses an Ethernet bridge device. | 7.5 |
| 2012-02-14 | CVE-2012-0012 | Improper Initialization vulnerability in Microsoft Internet Explorer 9 Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string objects, which allows remote attackers to read data from arbitrary process-memory locations via a crafted web site, aka "Null Byte Information Disclosure Vulnerability." | 4.3 |