Vulnerabilities > Improper Initialization

DATE CVE VULNERABILITY TITLE RISK
2023-11-14 CVE-2023-28737 Improper Initialization vulnerability in Intel Aptio V Uefi Firmware Integrator Tools 5.27.03.0003/5.27.06.0017
Improper initialization in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-665
7.8
2023-11-01 CVE-2023-1719 Improper Initialization vulnerability in Bitrix24 22.0.300
Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthenticated remote attackers to (1) enumerate attachments on the server and (2) execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via overwriting uninitialised variables.
network
low complexity
bitrix24 CWE-665
critical
9.8
2023-10-04 CVE-2023-5370 Improper Initialization vulnerability in Freebsd 13.2
On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized.
local
low complexity
freebsd CWE-665
5.5
2023-09-20 CVE-2023-20594 Improper Initialization vulnerability in AMD products
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
local
low complexity
amd CWE-665
4.4
2023-09-20 CVE-2023-20597 Improper Initialization vulnerability in AMD products
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
local
low complexity
amd CWE-665
5.5
2023-08-22 CVE-2020-35342 Improper Initialization vulnerability in GNU Binutils
GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to make an information leak.
network
low complexity
gnu CWE-665
7.5
2023-08-16 CVE-2023-40349 Improper Initialization vulnerability in Jenkins Gogs
Jenkins Gogs Plugin 1.0.15 and earlier improperly initializes an option to secure its webhook endpoint, allowing unauthenticated attackers to trigger builds of jobs.
network
low complexity
jenkins CWE-665
5.3
2023-08-11 CVE-2022-38083 Improper Initialization vulnerability in Intel products
Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
local
low complexity
intel CWE-665
4.4
2023-08-11 CVE-2023-22356 Improper Initialization vulnerability in Intel products
Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.
local
low complexity
intel CWE-665
4.4
2023-08-11 CVE-2023-22444 Improper Initialization vulnerability in Intel products
Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.
local
low complexity
intel CWE-665
4.4