Vulnerabilities > Use of Uninitialized Resource

DATE CVE VULNERABILITY TITLE RISK
2020-09-17 CVE-2020-24753 Use of Uninitialized Resource vulnerability in Objective Open Cbor Run-Time Project Objective Open Cbor Run-Time
A memory corruption vulnerability in Objective Open CBOR Run-time (oocborrt) in versions before 2020-08-12 could allow an attacker to execute code via crafted Concise Binary Object Representation (CBOR) input to the cbor2json decoder.
network
low complexity
objective-open-cbor-run-time-project CWE-908
critical
9.8
2020-09-08 CVE-2019-14052 Use of Uninitialized Resource vulnerability in Qualcomm products
u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QCS610, QM215, SA415M, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130
network
low complexity
qualcomm CWE-908
critical
9.8
2020-07-15 CVE-2020-14704 Use of Uninitialized Resource vulnerability in multiple products
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
low complexity
oracle opensuse CWE-908
6.0
2020-07-15 CVE-2020-14703 Use of Uninitialized Resource vulnerability in multiple products
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
low complexity
oracle opensuse CWE-908
6.0
2020-07-14 CVE-2020-1342 Use of Uninitialized Resource vulnerability in Microsoft products
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-908
5.5
2020-07-04 CVE-2020-15523 Use of Uninitialized Resource vulnerability in multiple products
In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application.
local
low complexity
python netapp CWE-908
7.8
2020-06-25 CVE-2020-3964 Use of Uninitialized Resource vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the EHCI USB controller.
local
high complexity
vmware CWE-908
4.7
2020-06-10 CVE-2020-13899 Use of Uninitialized Resource vulnerability in Meetecho Janus
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0.
network
low complexity
meetecho CWE-908
7.5
2020-06-09 CVE-2020-1322 Use of Uninitialized Resource vulnerability in Microsoft 365 Apps, Office and Project
An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'.
network
low complexity
microsoft CWE-908
6.5
2020-06-09 CVE-2020-1206 Use of Uninitialized Resource vulnerability in Microsoft Windows 10 and Windows Server 2016
An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Information Disclosure Vulnerability'.
network
low complexity
microsoft CWE-908
7.5