CWE-908

Medium likelihood

Use of Uninitialized Resource

Parent: CWE-665 - Improper Initialization

The product uses or accesses a resource that has not been initialized.

761 vulnerabilities with CWE-908
CVE-2020-0272 MEDIUM
Android 11 - Local Information Disclosure via Uninitialized Data in libhwbinder
CVSS 4.4
CVE-2020-0361 MEDIUM
Android 11 - Information Disclosure via Uninitialized Data in libDRCdec
CVSS 6.5
CVE-2020-0340 MEDIUM
Android 11 - Information Disclosure via Uninitialized Data in libcodec2_soft_mp3dec
CVSS 6.5
CVE-2020-0321 HIGH
Android 11 - Out-of-bounds Write in MP3 Extractor
CVSS 8.8
CVE-2020-24753 CRITICAL
Objective Open CBOR Run-time < 2020-08-12 - Memory Corruption via CBOR Major Type 3 Text String Decoding
CVSS 9.8
CVE-2020-16855 MEDIUM
Microsoft Office - Information Disclosure via Uninitialized Variable
CVSS 5.5
CVE-2020-14704 MEDIUM
Oracle VM VirtualBox <5.2.44-6.1.12 - Privilege Escalation
CVSS 6.0
CVE-2020-14703 MEDIUM
Oracle VM VirtualBox <5.2.44-6.1.12 - Privilege Escalation
CVSS 6.0
CVE-2020-1342 MEDIUM
Microsoft 365 Apps and Office - Information Disclosure via Out-of-bounds Read
CVSS 5.5
CVE-2020-15523 HIGH
Python 3.6-3.6.10, 3.7-3.7.8, 3.8-3.8.4rc1, 3.9-3.9.0b4 Windows - Uncontrolled Search Path
CVSS 7.8
CVE-2020-3964 MEDIUM
VMware ESXi 6.5-7.0, Workstation 15.x, Fusion 11.x - Information Leak in EHCI USB Controller
CVSS 4.7
CVE-2020-10732 LOW
Linux Kernel < 3.16.85 - Uninitialized Memory Exposure via Userspace Core Dump
CVSS 3.3
CVE-2020-0195 MEDIUM
Android 10 - Information Disclosure via Uninitialized Data in ihevcd_iquant_itrans_recon_ctb
CVSS 6.5
CVE-2020-13899 HIGH
meetecho janus 0.9.0-0.10.0 - Information Disclosure via Uninitialized Stack Memory
CVSS 7.5
CVE-2020-1322 MEDIUM
Microsoft Project - Information Disclosure via Out-of-Bounds Read
CVSS 6.5
CVE-2020-1206 HIGH
Windows 10 and Windows Server 2016 - Information Disclosure via SMBv3 Uninitialized Memory Read
CVSS 7.5
CVE-2020-13113 HIGH
libexif <0.6.22 - Memory Corruption
CVSS 8.2
CVE-2020-0101 MEDIUM
Android 8.0-10 - Information Disclosure via Uninitialized Data in BnCrypto::onTransact
CVSS 5.5
CVE-2020-10933 MEDIUM
Ruby <2.5.8, <2.6.6, <2.7.1 - Info Disclosure
CVSS 5.3
CVE-2020-2575 HIGH
Oracle VM VirtualBox < 5.2.40 - Authenticated Use of Uninitialized Resource
CVSS 7.5
CVE-2020-7451 MEDIUM
FreeBSD 12.1/11.3 Uninitialized Memory Disclosure via IPv6 TCP Traffic Class
CVSS 5.3
CVE-2020-6821 HIGH
Firefox < 75.0, Firefox ESR < 68.7.0, Thunderbird < 68.7.0 - Information Disclosure via WebGL copyTexSubImage
CVSS 7.5
CVE-2020-11828 HIGH
ColorOS - Information Disclosure via Uninitialized Stack Variable in SurfaceFlinger
CVSS 7.5
CVE-2020-6444 MEDIUM
Google Chrome < 81.0.4044.92 - Use-After-Free in WebRTC
CVSS 6.3
CVE-2020-11494 MEDIUM
Linux Kernel 3.16-5.6.2 - Information Disclosure via Uninitialized can_frame Data in slc_bump
CVSS 4.4
Details
Vulnerabilities 761
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits