Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

CVEs (752)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-36012 1Microsoft 5Windows Server 2008 Windows Server 2012Windows Server 2016+2 more Nov 21, 2024 Dec 12, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 DHCP Server Service Information Disclosure Vulnerability
CVE-2023-31275 1Kingsoft 1Wps Office Nov 4, 2025 Nov 27, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elements in an Excel file. A specially crafted malformed file can lead to remote code execution. An atta...Show more An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elements in an Excel file. A specially crafted malformed file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.Show less
CVE-2023-46100 1Openatom 1Openharmony Nov 21, 2024 Nov 20, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 in OpenHarmony v3.2.2 and prior versions allow a local attacker get sensitive buffer information through use of uninitialized resource.
CVE-2023-38151 1Microsoft 2Host Integration Server Ole Db Provider Nov 21, 2024 Nov 14, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability
CVE-2023-36398 1Microsoft 12Windows 10 1507 Windows 10 1607Windows 10 1809+9 more Nov 21, 2024 Nov 14, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Windows NTFS Information Disclosure Vulnerability
CVE-2023-45663 1Nothings 1Stb Image.h Nov 21, 2024 Oct 21, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 stb_image is a single file MIT licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the file stream points t...Show more stb_image is a single file MIT licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the file stream points to the end, it returns zero. There are two places where its return value is not checked: In the `stbi__hdr_load` function and in the `stbi__tga_load` function. The latter of the two is likely more exploitable as an attacker may also control the size of an uninitialized buffer.Show less
CVE-2023-31192 1Softether 1Vpn Nov 4, 2025 Oct 12, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther VPN 5.01.9674. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can perfor...Show more An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther VPN 5.01.9674. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.Show less
CVE-2023-36713 1Microsoft 12Windows 10 1507 Windows 10 1607Windows 10 1809+9 more Nov 21, 2024 Oct 10, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Windows Common Log File System Driver Information Disclosure Vulnerability
CVE-2023-36704 1Microsoft 2Windows 10 1809 Windows Server 2019 Nov 21, 2024 Oct 10, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Setup Files Cleanup Remote Code Execution Vulnerability
CVE-2023-36567 1Microsoft 11Windows 10 1507 Windows 10 1809Windows 10 21h1+8 more Nov 21, 2024 Oct 10, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Windows Deployment Services Information Disclosure Vulnerability
CVE-2023-25588 1Gnu 1Binutils Nov 21, 2024 Sep 14, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service.
CVE-2023-25586 1Gnu 1Binutils Nov 21, 2024 Sep 14, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable that can cause a crash and local denial of service.
CVE-2023-25585 1Gnu 1Binutils Nov 21, 2024 Sep 14, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service.
CVE-2023-38140 1Microsoft 8Windows 10 1607 Windows 10 1809Windows 10 21h2+5 more Apr 8, 2025 Sep 12, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Windows Kernel Information Disclosure Vulnerability
CVE-2023-21276 1Google 1Android Nov 21, 2024 Aug 14, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In writeToParcel of CursorWindow.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction...Show more In writeToParcel of CursorWindow.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Show less
CVE-2023-21233 1Google 1Android Nov 21, 2024 Aug 14, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 In multiple locations of avrc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not nee...Show more In multiple locations of avrc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Show less
CVE-2023-22330 1Intel 88Nuc 11 Compute Element Cm11ebc4w Firmware Nuc 11 Compute Element Cm11ebi38w FirmwareNuc 11 Compute Element Cm11ebi58w Firmware+85 more Nov 21, 2024 Aug 11, 2023 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Use of uninitialized resource in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.
CVE-2023-36913 1Microsoft 12Windows 10 Windows 10 1607Windows 10 1809+9 more Nov 21, 2024 Aug 8, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Microsoft Message Queuing Information Disclosure Vulnerability
CVE-2023-3488 1Silabs 1Gecko Software Development Kit Nov 21, 2024 Jul 28, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file.
CVE-2023-36836 1Juniper 2Junos Junos Os Evolved Nov 21, 2024 Jul 14, 2023 N/A· v4 4.7 MEDIUM· v3 N/A· v2 A Use of an Uninitialized Resource vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial of Serv...Show more A Use of an Uninitialized Resource vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, in a Multicast only Fast Reroute (MoFRR) scenario, the rpd process can crash when a a specific low privileged CLI command is executed. The rpd crash will impact all routing protocols until the process has automatically been restarted. As the operational state which makes this issue exploitable is outside the attackers control, this issue is considered difficult to exploit. Continued execution of this command will lead to a sustained DoS. This issue affects: Juniper Networks Junos OS 19.4 version 19.4R3-S5 and later versions prior to 19.4R3-S9; 20.1 version 20.1R2 and later versions; 20.2 versions prior to 20.2R3-S7; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S6; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S2; 21.3 versions prior to 21.3R3-S1; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R1-S2, 22.1R2; 22.2 versions prior to 22.2R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S6-EVO; 21.1-EVO version 21.1R1-EVO and later versions; 21.2-EVO version 21.2R1-EVO and later versions; 21.3-EVO versions prior to 21.3R3-S1-EVO; 21.4-EVO versions prior to 21.4R3-EVO; 22.1-EVO versions prior to 22.1R1-S2-EVO, 22.1R2-EVO; 22.2-EVO versions prior to 22.2R2-EVO. Show less

Previous 1...202122...38 Next