Vulnerabilities > Missing Initialization of Resource

DATE CVE VULNERABILITY TITLE RISK
2021-07-30 CVE-2021-36386 Missing Initialization of Resource vulnerability in multiple products
report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages.
network
low complexity
fetchmail fedoraproject CWE-909
7.5
2021-06-24 CVE-2021-23994 Missing Initialization of Resource vulnerability in Mozilla Thunderbird
A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write.
network
low complexity
mozilla CWE-909
8.8
2021-06-14 CVE-2021-34693 Missing Initialization of Resource vulnerability in multiple products
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.
local
low complexity
linux debian CWE-909
5.5
2021-06-11 CVE-2021-0484 Missing Initialization of Resource vulnerability in Google Android
In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a missing bounds check.
local
low complexity
google CWE-909
5.5
2021-06-11 CVE-2021-22898 Missing Initialization of Resource vulnerability in multiple products
curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers.
3.1
2021-06-11 CVE-2021-28687 Missing Initialization of Resource vulnerability in XEN
HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions.
local
low complexity
xen CWE-909
5.5
2021-05-20 CVE-2021-23386 Missing Initialization of Resource vulnerability in Dns-Packet Project Dns-Packet
This affects the package dns-packet before 5.2.2.
network
low complexity
dns-packet-project CWE-909
6.5
2021-04-30 CVE-2021-31919 Missing Initialization of Resource vulnerability in Rkyv Project Rkyv
An issue was discovered in the rkyv crate before 0.6.0 for Rust.
network
low complexity
rkyv-project CWE-909
7.5
2021-04-21 CVE-2021-28167 Missing Initialization of Resource vulnerability in Eclipse Openj9
In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes the JVM in some cases to pre-resolve certain constant pool entries.
network
low complexity
eclipse CWE-909
6.5
2021-04-08 CVE-2021-1405 Missing Initialization of Resource vulnerability in multiple products
A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav debian CWE-909
7.5