CWE-665
Medium likelihoodImproper Initialization
The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.
347 vulnerabilities with CWE-665
CVE-2017-3820
MEDIUM
Cisco IOS XE 15.5(3)S2.1 15.6(1)S1.1 - Authenticated Denial of Service via SNMP Functions
CVSS 6.5
CVE-2016-1000109
MEDIUM
HHVM < 3.9.6, 3.10.0-3.12.4, 3.13.0-3.14.2 - HTTP Proxy Header Injection via HTTP_PROXY Environment Variable
CVSS 5.3
CVE-2016-9594
MEDIUM
curl < 7.52.1 - Improper Initialization in Random Value Generation
CVSS 6.5
CVE-2016-9446
HIGH
GStreamer < 1.11.1 - Information Disclosure via VMNC Decoder Canvas Initialization
CVSS 7.5
CVE-2016-6836
MEDIUM
QEMU < 2.7.1 - Information Disclosure via Uninitialized txcq_descr Object
CVSS 6.0
CVE-2015-8367
CRITICAL
LibRaw < 0.17.1 - Memory Corruption via Improper Initialization in phase_one_correct
CVSS 9.8
CVE-2014-8181
MEDIUM
Red Hat Enterprise Linux 7 & MRG-2 - Info Disclosure
CVSS 5.5
CVE-2014-9942
HIGH
Boot in Android - Use of Uninitialized Variable
CVSS 7.8
CVE-2014-4371
Apple tvOS < 6.2 - Information Disclosure via Uninitialized Kernel Memory
CVE-2014-0178
Samba 3.6.6-4.1.8 - Info Disclosure
CVE-2013-1634
HIGH
Intel 82574L Controller Firmware < 2013-02-06 - Denial of Service via Malformed Packet Parsing
CVSS 7.5
CVE-2013-1675
MEDIUM
KEV
Mozilla Firefox <21 - Info Disclosure
CVSS 6.5
CVE-2012-0012
Microsoft Internet Explorer 9 - Information Disclosure via Improper String Object Initialization
CVE-2011-4087
HIGH
Linux Kernel < 2.6.39 - Denial of Service via Uninitialized Data Structure in br_parse_ip_options
CVSS 7.5
CVE-2011-3927
Google Chrome < 16.0.912.77 - Denial of Service via Skia Initialization Issue
CVE-2010-4655
MEDIUM
Linux kernel <2.6.36 - Info Disclosure
CVSS 5.5
CVE-2010-4343
MEDIUM
Linux Kernel < 2.6.35 - Denial of Service via Uninitialized Port Data Structure
CVSS 5.5
CVE-2008-3637
HIGH
Apple Mac OS X 10.4.11, 10.5.4, 10.5.5 - Remote Code Execution via Uninitialized HMAC Variable
CVSS 8.8
CVE-2008-0062
CRITICAL
MIT Kerberos 5 < 1.6.3 - Denial of Service and Possible Remote Code Execution via Crafted KRB4 Messages
CVSS 9.8
CVE-2007-3749
HIGH
Apple Mac OS X 10.4-10.4.10 - Code Injection
CVSS 7.8
CVE-2001-1471
HIGH
phpbb < 1.4.0 - Authenticated Remote Code Execution via Invalid Language Value
CVSS 8.8
CVE-1999-0993
Microsoft Exchange <5.5 - Info Disclosure
Details
Vulnerabilities
347
Exploit Likelihood
Medium