Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-457

CWE-457

High likelihood

Use of Uninitialized Variable

Parent: CWE-908 - Use of Uninitialized Resource

The code uses a variable that has not been initialized, leading to unpredictable or unintended results.

172 vulnerabilities with CWE-457

CVE-2026-2806 CRITICAL

Firefox < 148.0 - Use of Uninitialized Variable in Graphics Text Component

CVE-2026-1333 HIGH

SOLIDWORKS Desktop <2026 - Code Injection

CVE-2026-21690 MEDIUM

iccDEV < 2.3.1.2 - Type Confusion in CIccTagXmlTagData::ToXml()

CVE-2026-22188 MEDIUM

Panda3D <= 1.10.16 - Denial of Service via Unbounded Stack Allocation in deploy-stub

CVE-2025-13763 MEDIUM

Libopensc: opensc: multiple uses of uninitialized variable

CVE-2025-58466 MEDIUM

QNAP QTS and QuTS hero - Use of Uninitialized Variable

CVE-2025-29952 MEDIUM

AMD EPYC 9005 Series Processors - Authenticated Memory Integrity Loss via SEV Firmware Improper Initialization

CVE-2025-32467 MEDIUM

TDX Module <tdx1.5 - Info Disclosure

CVE-2025-47348 HIGH

Qualcomm Trusted Application Firmware - Memory Corruption

CVE-2025-20784 MEDIUM

Display < - Memory Corruption

CVE-2025-10021 HIGH

Open Design Alliance Drawings SDK (mt) <2026.12 - Use After Free

CVE-2025-36935 HIGH

Android - Memory Corruption via Uninitialized Data in trusty_ffa_mem_reclaim

CVE-2025-65295 HIGH

Aqara Hub <4.1.9_0027-4.3.6_0025 - RCE

CVE-2025-20771 MEDIUM

Google Android Improper Input Validation - Privilege Escalation

CVE-2025-20766 HIGH

Android - Local Privilege Escalation via Display Memory Corruption

CVE-2025-64181 HIGH

OpenEXR 3.3.0-3.3.5 3.4.0-3.4.2 - Use of Uninitialized Variable in generic_unpack

CVE-2025-58071 HIGH

F5 BIG-IP 15.1.0-15.1.10.8 - Denial of Service via IPsec Traffic

CVE-2025-7984 HIGH

Ashlar-Vellum Cobalt - Remote Code Execution via AR File Parsing

CVE-2025-7981 HIGH

Ashlar-Vellum Graphite - Remote Code Execution via VC6 File Parsing

CVE-2025-7978 HIGH

Ashlar-Vellum Graphite - Remote Code Execution via VC6 File Parsing

CVE-2025-59348 HIGH

Dragonfly < 2.1.0 - Denial of Service via Uninitialized Variable in ProcessPieceFromSource

CVE-2025-9450 HIGH

SOLIDWORKS Desktop 2025 - Code Injection

CVE-2025-26448 MEDIUM

Android - Local Information Disclosure via Uninitialized Data in CursorWindow.cpp

CVE-2025-0081 HIGH

dng Lossless Decoder < - Memory Corruption

CVE-2025-9181 MEDIUM

Firefox and Thunderbird - Use of Uninitialized Variable in JavaScript Engine

Previous Page 3 of 7 Next

Details

Vulnerabilities 172

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy