Vulnerabilities > Use of Uninitialized Resource

DATE CVE VULNERABILITY TITLE RISK
2020-05-21 CVE-2020-13113 Use of Uninitialized Resource vulnerability in multiple products
An issue was discovered in libexif before 0.6.22.
8.2
2020-05-04 CVE-2020-10933 Use of Uninitialized Resource vulnerability in multiple products
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0.
network
low complexity
ruby-lang fedoraproject debian CWE-908
5.3
2020-04-29 CVE-2020-2575 Use of Uninitialized Resource vulnerability in Oracle VM Virtualbox
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
high complexity
oracle CWE-908
7.5
2020-04-28 CVE-2020-7451 Use of Uninitialized Resource vulnerability in Freebsd 11.3/12.1
In FreeBSD 12.1-STABLE before r358739, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r358740, and 11.3-RELEASE before 11.3-RELEASE-p7, a TCP SYN-ACK or challenge TCP-ACK segment over IPv6 that is transmitted or retransmitted does not properly initialize the Traffic Class field disclosing one byte of kernel memory over the network.
network
low complexity
freebsd CWE-908
5.3
2020-04-24 CVE-2020-6821 Use of Uninitialized Resource vulnerability in Mozilla Firefox
When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero.
network
low complexity
mozilla CWE-908
7.5
2020-04-21 CVE-2020-11828 Use of Uninitialized Resource vulnerability in Oppo Coloros
In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR.
network
low complexity
oppo CWE-908
7.5
2020-04-17 CVE-2019-20785 Use of Uninitialized Resource vulnerability in Google Android 8.0/8.1
An issue was discovered on LG mobile devices with Android OS 8.0 and 8.1 software for the DTAG carrier.
low complexity
google CWE-908
6.8
2020-04-13 CVE-2020-6444 Use of Uninitialized Resource vulnerability in multiple products
Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian opensuse CWE-908
6.3
2020-04-01 CVE-2020-1934 Use of Uninitialized Resource vulnerability in multiple products
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.
5.3
2020-03-30 CVE-2020-11104 Use of Uninitialized Resource vulnerability in USC Cereal
An issue was discovered in USC iLab cereal through 1.3.0.
network
low complexity
usc CWE-908
5.3