In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtio_bt: clamp rx length before skb_put virtbt_rx_work() calls skb_put(skb, len) where len comes directly from virtqueue_get_buf() with no validation against the buffer we posted to the device. The RX skb is allocated in virtbt_add_inbuf() and exposed to virtio as exactly 1000 bytes via sg_init_one(). Checking len…

CVSS: 7.7 · CWE: N/A

View on NVD

In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc->length update can be reordered before the memmove. If this happens, wdm_read() can see the new length and call copy_to_user() on uninitialized memory. This also violates LKMM…

CVSS: 7.1 · CWE: CWE-125

View on NVD

Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

CVSS: 7.3 · CWE: CWE-457

View on NVD

Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

CVSS: 7.5 · CWE: CWE-908

View on NVD

Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

CVSS: 9.8 · CWE: CWE-457

View on NVD

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process which leads to sensitive data leakage to an attacker. RSA_public_encrypt() returns the number of bytes…

CVSS: 7.5 · CWE: CWE-754

View on NVD

Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

CVSS: 9.1 · CWE: CWE-908

View on NVD

Uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

CVSS: 9.1 · CWE: CWE-908

View on NVD

lz4_flex is a pure Rust implementation of LZ4 compression/decompression. In versions 0.11.5 and below, and 0.12.0, decompressing invalid LZ4 data can leak sensitive information from uninitialized memory or from previous decompression operations. The library fails to properly validate offset values during LZ4 "match copy operations," allowing out-of-bounds reads from the output buffer. The block-…

CVSS: 7.5 · CWE: CWE-201

View on NVD

Uninitialized memory in the Graphics: Text component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.

CVSS: 9.1 · CWE: CWE-908

View on NVD

Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 148.

CVSS: 7.5 · CWE: CWE-908

View on NVD

GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PGM files. The issue results from t…

CVSS: 7.8 · CWE: CWE-908

View on NVD

n8n is an open source workflow automation platform. From version 1.65.0 to before 1.114.3, the use of Buffer.allocUnsafe() and Buffer.allocUnsafeSlow() in the task runner allowed untrusted code to allocate uninitialized memory. Such uninitialized buffers could contain residual data from within the same Node.js process (for example, data from prior requests, tasks, secrets, or tokens), resulting i…

CVSS: 7.7 · CWE: CWE-200

View on NVD

A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the `vm` module with the timeout option. Under specific timing conditions, buffers allocated with `Buffer.alloc` and other `TypedArray` instances like `Uint8Array` may contain leftover data from previous operations, allowing in-process secrets like tokens or passwords to leak o…

CVSS: 7.1 · CWE: CWE-120

View on NVD

Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.

CVSS: 7.5 · CWE: CWE-908

View on NVD

A Use of Uninitialized Variable vulnerability exists in Open Design Alliance Drawings SDK static versions (mt) before 2026.12. Static object `COdaMfcAppApp theApp` may access `OdString::kEmpty` before its initialization. Due to undefined initialization order of static objects across translation units (Static Initialization Order Fiasco), the application accesses uninitialized memory. This results…

CVSS: 7.0 · CWE: CWE-457

View on NVD

A vulnerability has been identified in Simcenter Femap (All versions < V2512). The affected applications contains an uninitialized memory vulnerability while parsing specially crafted SLDPRT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-27146)

CVSS: 7.8 · CWE: CWE-908

View on NVD

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, while fuzzing `openexr_exrcheck_fuzzer`, Valgrind reports a conditional branch depending on uninitialized data inside `generic_unpack`. This indicates a use of uninitialized memory. The issue can r…

CVSS: 7.5 · CWE: CWE-457

View on NVD

When String.toUpperCase() caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string. This vulnerability was fixed in Firefox 136 and Thunderbird 136.

CVSS: 9.8 · CWE: CWE-908

View on NVD

Out-of-bounds write in accessing uninitialized memory for svc1td in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.

CVSS: 7.0 · CWE: CWE-787

View on NVD

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.

CVSS: 7.5 · CWE: CWE-908

View on NVD

In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpio_file := ALGN(4) + cpio_header + filename + "\0" + ALGN(4) + data ... 55 ============= ================== ========================= 56 Field name Field size Mea…

CVSS: 7.8 · CWE: CWE-787

View on NVD

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map (like in case of .rodata), it was still possible to write into it from a BPF program side through specific helpers having ARG_PTR_TO_{LONG,INT} as arguments. In check_func_arg() when the argument is as mentioned, the m…

CVSS: 7.1 · CWE: N/A

View on NVD

In the Linux kernel, the following vulnerability has been resolved: sctp: fix kernel-infoleak for SCTP sockets syzbot reported a kernel infoleak [1] of 4 bytes. After analysis, it turned out r->idiag_expires is not initialized if inet_sctp_diag_fill() calls inet_diag_msg_common_fill() Make sure to clear idiag_timer/idiag_retrans/idiag_expires and let inet_diag_msg_sctpasoc_fill() fill them ag…

CVSS: 7.1 · CWE: CWE-401

View on NVD

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix information leak in btrfs_ioctl_logical_to_ino() Syzbot reported the following information leak for in btrfs_ioctl_logical_to_ino(): BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x110 lib/usercopy.c:40 instru…

CVSS: 7.1 · CWE: CWE-908

View on NVD

Ashlar-Vellum Cobalt AR File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of AR f…

CVSS: 7.8 · CWE: CWE-824

View on NVD

Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XE f…

CVSS: 7.8 · CWE: CWE-824

View on NVD

Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XE f…

CVSS: 7.8 · CWE: CWE-824

View on NVD

Ashlar-Vellum Cobalt Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CO files. The issue…

CVSS: 7.8 · CWE: CWE-457

View on NVD

The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit heap-overflow vulnerability to execute arbitrary code on the underlying operating system that hosts vCenter Server.

CVSS: 8.1 · CWE: CWE-787

View on NVD

HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107, function `pci_vtsock_proc_tx` in `virtio-sock` can lead to to uninitialized memory use. In this situation, there is a check for the return value to be less or equal to `VTSOCK_MAXSEGS`, but that check is not sufficient because the function can return `-1` if it finds an error it cannot recover f…

CVSS: 7.7 · CWE: CWE-908

View on NVD

Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption.

CVSS: 7.8 · CWE: CWE-908

View on NVD

Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption.

CVSS: 7.8 · CWE: CWE-908

View on NVD

Scylla is a real-time big data database that is API-compatible with Apache Cassandra and Amazon DynamoDB. When decompressing CQL frame received from user, Scylla assumes that user-provided uncompressed length is correct. If user provides fake length, that is greater than the real one, part of decompression buffer won't be overwritten, and will be left uninitialized. This can be exploited in sever…

CVSS: 8.1 · CWE: CWE-908

View on NVD

An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap.

CVSS: 7.5 · CWE: CWE-532

View on NVD

h2o is an open source http server. In code prior to the `8c0eca3` commit h2o may attempt to access uninitialized memory. When receiving QUIC frames in certain order, HTTP/3 server-side implementation of h2o can be misguided to treat uninitialized memory as HTTP/3 frames that have been received. When h2o is used as a reverse proxy, an attacker can abuse this vulnerability to send internal state of…

CVSS: 7.4 · CWE: CWE-908

View on NVD

An issue was discovered in the tectonic_xdv crate before 0.1.12 for Rust. XdvParser::::process may read from uninitialized memory locations.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the rdiff crate through 2021-02-03 for Rust. Window may read from uninitialized memory locations.

CVSS: 7.5 · CWE: CWE-908

View on NVD

An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_string_primitive may read from uninitialized memory locations.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_extension_others may read from uninitialized memory locations.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_string may read from uninitialized memory locations.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_binary may read from uninitialized memory locations.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the gfx-auxil crate through 2021-01-07 for Rust. gfx_auxil::read_spirv may read from uninitialized memory locations.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the ash crate before 0.33.1 for Rust. util::read_spv may read from uninitialized memory locations.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the csv-sniffer crate through 2021-01-05 for Rust. preamble_skipcount may read from uninitialized memory locations.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the columnar crate through 2021-01-07 for Rust. ColumnarReadExt::read_typed_vec may read from uninitialized memory locations.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the flumedb crate through 2021-01-07 for Rust. read_entry may read from uninitialized memory locations.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the binjs_io crate through 2021-01-03 for Rust. The Read method may read from uninitialized memory locations.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the bronzedb-protocol crate through 2021-01-03 for Rust. ReadKVExt may read from uninitialized memory locations.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. fill_buf may read from uninitialized memory locations.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. read_up_to may read from uninitialized memory locations.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the buffoon crate through 2020-12-31 for Rust. InputStream::read_exact may read from uninitialized memory locations.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the bite crate through 2020-12-31 for Rust. read::BiteReadExpandedExt::read_framed_max may read from uninitialized memory locations.

CVSS: 7.5 · CWE: CWE-908

View on NVD

Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.

CVSS: 8.8 · CWE: CWE-909

View on NVD

An issue was discovered in the array-tools crate before 0.3.2 for Rust. FixedCapacityDequeLike::clone() has a drop of uninitialized memory.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the alg_ds crate through 2020-08-25 for Rust. There is a drop of uninitialized memory in Matrix::new().

CVSS: 9.8 · CWE: CWE-908

View on NVD

An improper free of uninitialized memory can occur in DIAG services in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

CVSS: 8.4 · CWE: CWE-908

View on NVD

An issue was discovered in the outer_cgi crate before 0.2.1 for Rust. A user-provided Read instance receives an uninitialized memory buffer from KeyValueReader.

CVSS: 9.8 · CWE: CWE-119

View on NVD

An issue was discovered in the telemetry crate through 2021-02-17 for Rust. There is a drop of uninitialized memory if a value.clone() call panics within misc::vec_with_size().

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the adtensor crate through 2021-01-11 for Rust. There is a drop of uninitialized memory via the FromIterator implementation for Vector and Matrix.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in PartialReader in the uu_od crate before 0.0.4 for Rust. Attackers can read the contents of uninitialized memory locations via a user-provided Read operation.

CVSS: 7.3 · CWE: CWE-125

View on NVD

An issue was discovered in the arenavec crate through 2021-01-12 for Rust. A drop of uninitialized memory can sometimes occur upon a panic in T::default().

CVSS: 7.5 · CWE: CWE-787

View on NVD

A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available CPU resources and data exposure through an uninitialized memory leak in setups where an attacker could submit typed input to the auth parameter.

CVSS: 9.8 · CWE: CWE-665

View on NVD

An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a drop of uninitialized memory can occur upon a val.clone() panic.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the byte_struct crate before 0.6.1 for Rust. There can be a drop of uninitialized memory if a certain deserialization method panics.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the truetype crate before 0.30.1 for Rust. Attackers can read the contents of uninitialized memory locations via a user-provided Read operation within Tape::take_bytes.

CVSS: 7.5 · CWE: CWE-908

View on NVD

An issue was discovered in the toodee crate before 0.3.0 for Rust. The row-insertion feature allows attackers to read the contents of uninitialized memory locations.

CVSS: 7.5 · CWE: CWE-908

View on NVD

An issue was discovered in the postscript crate before 0.14.0 for Rust. It might allow attackers to obtain sensitive information from uninitialized memory locations via a user-provided Read implementation.

CVSS: 7.5 · CWE: CWE-908

View on NVD

An issue was discovered in the ms3d crate before 0.1.3 for Rust. It might allow attackers to obtain sensitive information from uninitialized memory locations via IoReader::read.

CVSS: 7.5 · CWE: CWE-908

View on NVD

An issue was discovered in the calamine crate before 0.17.0 for Rust. It allows attackers to overwrite heap-memory locations because Vec::set_len is used without proper memory claiming, and this uninitialized memory is used for a user-provided Read operation, as demonstrated by Sectors::get.

CVSS: 9.8 · CWE: CWE-787

View on NVD

An issue was discovered in the bra crate before 0.1.1 for Rust. It lacks soundness because it can read uninitialized memory.

CVSS: 9.1 · CWE: CWE-908

View on NVD

An issue was discovered in the autorand crate before 0.2.3 for Rust. Because of impl Random on arrays, uninitialized memory can be dropped when a panic occurs, leading to memory corruption.

CVSS: 7.8 · CWE: CWE-787

View on NVD

A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP12), Solid Edge SE2021 (All Versions < SE2021MP2). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write into uninitialized memory. An attacker could leverage this vulnerability to execute code in the context of the current process.

CVSS: 7.8 · CWE: CWE-787

View on NVD

An issue was discovered in the simple-slab crate before 0.3.3 for Rust. remove() has an off-by-one error, causing memory leakage and a drop of uninitialized memory.

CVSS: 7.5 · CWE: CWE-193

View on NVD

An issue was discovered in the arr crate through 2020-08-25 for Rust. Uninitialized memory is dropped by Array::new_from_template.

CVSS: 9.8 · CWE: CWE-908

View on NVD

An issue was discovered in the ozone crate through 2020-07-04 for Rust. Memory safety is violated because of the dropping of uninitialized memory.

CVSS: 9.8 · CWE: CWE-119

View on NVD

Incorrect validation of user input in the role name parser may lead to use of uninitialized memory allowing an unauthenticated attacker to use a specially crafted request to cause a denial of service. This issue affects MongoDB Server v4.4 versions prior to 4.4.0-rc12; MongoDB Server v4.2 versions prior to 4.2.9.

CVSS: 7.5 · CWE: CWE-475

View on NVD

md_push_block_bytes in md4c.c in md4c 0.4.5 allows attackers to trigger use of uninitialized memory, and cause a denial of service (e.g., assertion failure) via a malformed Markdown document.

CVSS: 7.5 · CWE: CWE-908

View on NVD

In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of `dlpack.to_dlpack` can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing in a Python object instead of a tensor. The uninitialized memory address is due to a `reinterpret_c…

CVSS: 7.1 · CWE: CWE-908

View on NVD

A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to (for example) dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations.

CVSS: 9.1 · CWE: CWE-119

View on NVD

An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.1, Thunderbird < 60, and Firefox < 61.

CVSS: 8.8 · CWE: CWE-190

View on NVD

An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

CVSS: 7.5 · CWE: CWE-909

View on NVD

An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.

CVSS: 8.2 · CWE: CWE-908

View on NVD

An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0. It allows an attacker (with enough privileges to change the system's hostname) to cause disclosure of uninitialized memory content via a stack-based out-of-bounds read. It only occurs on systems where gethostname() does not have '\0' termination of the returned string if the hostname is larger than the supplied buffer.…

CVSS: 8.8 · CWE: CWE-125

View on NVD

An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) (Exynos7420 or Exynox8890 chipsets) software. The Camera application can leak uninitialized memory via ion. The Samsung ID is SVE-2016-6989 (April 2017).

CVSS: 7.5 · CWE: CWE-772

View on NVD

Out of bound access due to access of uninitialized memory segment in an array of pointers while normal camera open close in Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SDM439, SDM630, SDM636, SDM660, SDX24

CVSS: 7.8 · CWE: CWE-129

View on NVD

While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered Apache Arrow versions 0.12.0 to 0.14.1, left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby and R implementations. The uninitialized memory could potentially be shared if are transmitted over the wire (for instance with Flight) or persisted…

CVSS: 7.5 · CWE: CWE-909

View on NVD

It was discovered that the C++ implementation (which underlies the R, Python and Ruby implementations) of Apache Arrow 0.14.0 to 0.14.1 had a uninitialized memory bug when building arrays with null values in some cases. This can lead to uninitialized memory being unintentionally shared if Arrow Arrays are transmitted over the wire (for instance with Flight) or persisted in the streaming IPC and f…

CVSS: 7.5 · CWE: CWE-909

View on NVD

Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed.

CVSS: 8.2 · CWE: CWE-125

View on NVD

Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule.

CVSS: 7.5 · CWE: CWE-755

View on NVD

An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles invalid parent object pointers. A specially crafted PDF can cause a read and write from uninitialized memory, resulting in memory corruption and possibly arbitrary code execution. To trigger this vulnerability, a specifically crafted PDF document needs to be processed by the target application.

CVSS: 9.8 · CWE: CWE-416

View on NVD

An issue was discovered in the generator crate before 0.6.18 for Rust. Uninitialized memory is used by Scope, done, and yield_ during API calls.

CVSS: 7.5 · CWE: CWE-908

View on NVD

An issue was discovered in the memoffset crate before 0.5.0 for Rust. offset_of and span_of can cause exposure of uninitialized memory.

CVSS: 7.5 · CWE: CWE-908

View on NVD

A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential memory corruption. This vulnerability affects Firefox < 66.

CVSS: 9.8 · CWE: CWE-908

View on NVD

Use of uninitialized memory in Graphite2 library in Firefox before 54 in graphite2::GlyphCache::Loader::read_glyph function.

CVSS: 8.8 · CWE: CWE-119

View on NVD

An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response.

CVSS: 7.5 · CWE: N/A

View on NVD

In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code.

CVSS: 7.8 · CWE: CWE-908

View on NVD

In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer's` internal "fill" method as the `start` to a fill operation. This flaw may be…

CVSS: 7.5 · CWE: CWE-226

View on NVD

Godot Engine version All versions prior to 2.1.5, all 3.0 versions prior to 3.0.6. contains a Signed/unsigned comparison, wrong buffer size chackes, integer overflow, missing padding initialization vulnerability in (De)Serialization functions (core/io/marshalls.cpp) that can result in DoS (packet of death), possible leak of uninitialized memory. This attack appear to be exploitable via A malforme…

CVSS: 7.5 · CWE: CWE-131

View on NVD

An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or possibly gain privileges.

CVSS: 7.8 · CWE: CWE-665

View on NVD