CVE & Exploit Intelligence Database

Updated 2h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,123 CVEs tracked 53,219 with exploits 4,686 exploited in wild 1,539 CISA KEV 3,912 Nuclei templates 37,757 vendors 42,422 researchers

709 results Clear all

CVE-2009-1529 8.1 HIGH EPSS 0.60

Microsoft Internet Explorer - Use of Uninitialized Resource

Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by calling the setCapture method on a collection of crafted objects, aka "Uninitialized Memory Corruption Vulnerability."

CWE-399 Jun 10, 2009

CVE-2009-0949 7.5 HIGH 1 PoC Analysis EPSS 0.21

Apple Cups < 1.3.10 - Use of Uninitialized Resource

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags.

CWE-908 Jun 09, 2009

CVE-2008-3475 8.8 HIGH EPSS 0.59

Microsoft Internet Explorer 6 - Uninitialized Memory Corruption

Microsoft Internet Explorer 6 does not properly handle errors related to using the componentFromPoint method on xml objects that have been (1) incorrectly initialized or (2) deleted, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Uninitialized Memory Corruption Vulnerability."

CWE-908 Oct 15, 2008

CVE-2008-4197 8.8 HIGH EPSS 0.05

Opera Browser < 9.52 - Use of Uninitialized Resource

Opera before 9.52 on Windows, Linux, FreeBSD, and Solaris, when processing custom shortcut and menu commands, can produce argument strings that contain uninitialized memory, which might allow user-assisted remote attackers to execute arbitrary code or conduct other attacks via vectors related to activation of a shortcut.

CWE-908 Sep 27, 2008

CVE-2008-3688 7.5 HIGH EPSS 0.02

HTTP Antivirus Proxy 0.88 - DoS

sockethandler.cpp in HTTP Antivirus Proxy (HAVP) 0.88 allows remote attackers to cause a denial of service (hang) by connecting to a non-responsive server, which triggers an infinite loop due to an uninitialized variable.

CWE-908 Aug 14, 2008

CVE-2008-2934 8.8 HIGH EPSS 0.06

Apple Mac OS X - Use of Uninitialized Resource

Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file that triggers a free of an uninitialized pointer.

CWE-908 Jul 18, 2008

CVE-2008-0063 7.5 HIGH EPSS 0.05

MIT Kerberos 5 < 1.6.3 - Use of Uninitialized Resource

The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."

CWE-908 Mar 19, 2008

CVE-2008-0081 9.8 CRITICAL EXPLOITED 1 PoC Analysis EPSS 0.82

Microsoft Excel - Use of Uninitialized Resource

Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka "Macro Validation Vulnerability," a different vulnerability than CVE-2007-3490.

CWE-908 Jan 16, 2008

CVE-2007-1751 EPSS 0.61

Microsoft Internet Explorer - Use of Uninitialized Resource

Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to access an uninitialized or deleted object, related to prototype variables and table cells, aka "Uninitialized Memory Corruption Vulnerability."

CWE-908 Jun 12, 2007