CWE-457

High likelihood

Use of Uninitialized Variable

Parent: CWE-908 - Use of Uninitialized Resource

The code uses a variable that has not been initialized, leading to unpredictable or unintended results.

172 vulnerabilities with CWE-457
CVE-2024-23137 HIGH
Autodesk AutoCAD 2021-2021.1.4 - Use-After-Free via Malicious STP/SLDPRT File Parsing
CVSS 7.8
CVE-2024-26147 HIGH
Helm < 3.14.2 - Denial of Service via Uninitialized Variable in YAML Parser
CVSS 7.5
CVE-2023-31326 LOW
AMD Ryzen 5000 Series Mobile Processors with Radeon Graphics - Information Disclosure via Uninitialized Variable
CVSS 2.8
CVE-2023-6324 HIGH
ThroughTek Kalay SDK - Info Disclosure
CVSS 8.1
CVE-2023-50188 HIGH
Trimble SketchUp Viewer < 23.2.101 - Remote Code Execution via SKP File Parsing
CVSS 7.8
CVE-2023-42079 MEDIUM
PDF-XChange Editor - Information Disclosure via J2K File Parsing
CVSS 5.5
CVE-2023-42062 HIGH
PDF-XChange Editor - Remote Code Execution via U3D File Parsing
CVSS 7.8
CVE-2023-42056 MEDIUM
PDF-XChange Editor - Information Disclosure via U3D File Parsing
CVSS 5.5
CVE-2023-42048 MEDIUM
PDF-XChange Editor - Information Disclosure via J2K File Parsing
CVSS 5.5
CVE-2023-42046 MEDIUM
PDF-XChange Editor - Information Disclosure via J2K File Parsing
CVSS 5.5
CVE-2023-39484 MEDIUM
PDF-XChange Editor - Information Disclosure via Uninitialized Variable in PDF File Parser
CVSS 5.5
CVE-2023-38088 HIGH
Kofax Power PDF < 5.0.0.10 - Remote Code Execution via Uninitialized Variable in util Object Handling
CVSS 7.8
CVE-2023-34310 HIGH
Ashlar-Vellum Cobalt - Remote Code Execution via Uninitialized Memory in CO File Parser
CVSS 7.8
CVE-2023-31275 HIGH
WPS Office 11.2.0.11537 - Remote Code Execution via Uninitialized Pointer in Excel Data Element Handling
CVSS 8.8
CVE-2023-31192 MEDIUM
SoftEther VPN <5.01.9674 - Info Disclosure
CVSS 5.3
CVE-2023-25588 MEDIUM
Binutils - Denial of Service via Uninitialized Variable in bfd_mach_o_get_synthetic_symtab
CVSS 4.7
CVE-2023-25586 MEDIUM
Binutils - Denial of Service via Uninitialized Variable in bfd_init_section_decompress_status
CVSS 4.7
CVE-2023-25585 MEDIUM
Binutils - Denial of Service via Uninitialized Variable in Module Structure
CVSS 4.7
CVE-2022-40510 CRITICAL
Qualcomm APQ8009 and other firmware - Memory Corruption via EVS Vocoder Buffer Copy
CVSS 9.8
CVE-2022-25737 HIGH
Qualcomm MDM8207 and related firmware - Information Disclosure via Missing NULL Check in Packet Handling
CVSS 7.5
CVE-2022-42432 MEDIUM
Linux Kernel 6.0-rc2 - Info Disclosure
CVSS 4.4
CVE-2022-28320 HIGH
Bentley Microstation and View < 10.16.03 - Remote Code Execution via 3DM File Parsing
CVSS 7.8
CVE-2022-28319 HIGH
Bentley MicroStation CONNECT <10.16.02.034 - RCE
CVSS 7.8
CVE-2022-28317 HIGH
Bentley MicroStation CONNECT 10.16.02.34 - RCE
CVSS 7.8
CVE-2022-34390 HIGH
Dell Alienware Area-51 R5 and R4 Firmware < 2.0.6 - Authenticated Arbitrary Code Execution via SMI
CVSS 7.5