Vulnerabilities > Use of Uninitialized Resource

DATE CVE VULNERABILITY TITLE RISK
2018-10-25 CVE-2018-3970 Use of Uninitialized Resource vulnerability in Sophos Hitmanpro.Alert 3.7.6.744
An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744.
local
low complexity
sophos CWE-908
5.5
2018-10-02 CVE-2018-9499 Use of Uninitialized Resource vulnerability in Google Android
In readVector of iCrypto.cpp, there is a possible invalid read due to uninitialized data.
local
low complexity
google CWE-908
5.5
2018-10-01 CVE-2018-3975 Use of Uninitialized Resource vulnerability in Atlantiswordprocessor Atlantis Word Processor 3.2.6
An exploitable uninitialized variable vulnerability exists in the RTF-parsing functionality of Atlantis Word Processor 3.2.6 version.
local
low complexity
atlantiswordprocessor CWE-908
7.8
2018-08-28 CVE-2018-15911 Use of Uninitialized Resource vulnerability in multiple products
In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code.
7.8
2018-08-21 CVE-2018-7166 Use of Uninitialized Resource vulnerability in Nodejs Node.Js
In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory.
network
low complexity
nodejs CWE-908
7.5
2018-08-15 CVE-2018-8378 Use of Uninitialized Resource vulnerability in Microsoft products
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office.
local
low complexity
microsoft CWE-908
5.5
2018-07-23 CVE-2018-14551 Use of Uninitialized Resource vulnerability in multiple products
The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption.
network
low complexity
imagemagick canonical CWE-908
critical
9.8
2018-06-11 CVE-2018-5160 Use of Uninitialized Resource vulnerability in multiple products
WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image object can be freed while it is still in use.
network
low complexity
canonical mozilla CWE-908
7.5
2018-06-11 CVE-2018-5095 Use of Uninitialized Resource vulnerability in multiple products
An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM.
network
low complexity
debian redhat mozilla canonical CWE-908
critical
9.8
2018-05-22 CVE-2018-11383 Use of Uninitialized Resource vulnerability in Radare Radare2 2.5.0
The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c.
local
low complexity
radare CWE-908
5.5