Vulnerabilities > Use of Uninitialized Resource

DATE CVE VULNERABILITY TITLE RISK
2019-06-04 CVE-2019-12730 Use of Uninitialized Resource vulnerability in Ffmpeg
aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables.
network
low complexity
ffmpeg CWE-908
critical
9.8
2019-06-03 CVE-2019-9824 Use of Uninitialized Resource vulnerability in Qemu 3.0.0
tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure.
local
low complexity
qemu CWE-908
5.5
2019-05-15 CVE-2019-11833 Use of Uninitialized Resource vulnerability in multiple products
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
5.5
2019-05-09 CVE-2019-11323 Use of Uninitialized Resource vulnerability in Haproxy
HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC keys.
network
high complexity
haproxy CWE-908
5.9
2019-04-26 CVE-2019-9805 Use of Uninitialized Resource vulnerability in Mozilla Firefox
A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential memory corruption.
network
low complexity
mozilla CWE-908
critical
9.8
2019-04-25 CVE-2018-18366 Use of Uninitialized Resource vulnerability in Symantec products
Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory.
local
low complexity
symantec CWE-908
6.5
2019-04-22 CVE-2019-11459 Use of Uninitialized Resource vulnerability in multiple products
The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.
5.5
2019-03-09 CVE-2019-9641 Use of Uninitialized Resource vulnerability in multiple products
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3.
network
low complexity
php debian canonical opensuse netapp CWE-908
critical
9.8
2019-03-05 CVE-2019-9578 Use of Uninitialized Resource vulnerability in Yubico Libu2F-Host
In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device.
network
low complexity
yubico CWE-908
7.5
2019-02-11 CVE-2018-12011 Use of Uninitialized Resource vulnerability in Google Android
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Uninitialized data for socket address leads to information exposure.
local
low complexity
google CWE-908
5.5