CWE-457: CWE-457

This vulnerability allows attackers within Bluetooth range to bypass authentication on WOLFBOX Level 2 EV Chargers by exploiting uninitialized encrypt...

This critical vulnerability in Google Chrome's Dawn component on Android allows remote attackers to potentially access memory outside intended bounds ...

An uninitialized pointer vulnerability in WPS Office's Excel file parser allows remote code execution when opening malicious files. Attackers can craf...

An unauthenticated remote attacker can cause denial of service on Cisco Meraki MX and Z Series devices by sending crafted HTTPS requests to the AnyCon...

This vulnerability in ThroughTek Kalay SDK allows attackers to decrypt DTLS-encrypted communications by exploiting a predictable pre-shared key (PSK) ...

A Use of Uninitialized Variable vulnerability in SOLIDWORKS eDrawings allows attackers to execute arbitrary code when users open specially crafted EPR...

This vulnerability allows memory corruption in the trusted application when processing identity credential operations, potentially leading to arbitrar...

This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious VC6 files in Ashlar-Vellum Graphite soft...

This vulnerability allows attackers to craft malicious CATPRODUCT files that, when opened in Autodesk AutoCAD, can exploit an uninitialized variable t...

This vulnerability allows attackers to exploit an uninitialized variable in Autodesk AutoCAD when processing malicious CATPRODUCT files. Successful ex...

This vulnerability allows attackers to exploit uninitialized variables in Autodesk AutoCAD when processing malicious CATPRODUCT files. Successful expl...

This vulnerability allows remote attackers to execute arbitrary code on Ashlar-Vellum Cobalt installations by tricking users into opening malicious VS...

This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious SKP files in Trimble SketchUp Viewer. At...

This vulnerability in PDF-XChange Editor allows remote attackers to execute arbitrary code by tricking users into opening malicious RTF files. The fla...

This vulnerability allows attackers to execute arbitrary code by tricking users into opening malicious MODEL files in affected Autodesk applications. ...

This vulnerability allows remote attackers to execute arbitrary code on affected Trimble SketchUp Viewer installations by tricking users into opening ...

This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious 3DM files in Bentley View. Attackers can...

This vulnerability allows remote attackers to execute arbitrary code on Bentley MicroStation CONNECT installations by tricking users into opening mali...

CVE-2021-46631 is a memory initialization vulnerability in Bentley View's TIF image parser that allows remote code execution when users open malicious...

This vulnerability in Bentley View allows remote attackers to disclose sensitive information by exploiting improper memory initialization when parsing...

This vulnerability allows remote attackers to execute arbitrary code on Bentley MicroStation CONNECT installations by tricking users into opening mali...

CVE-2021-3928 is a use-after-free vulnerability in Vim's undo functionality that occurs when handling specially crafted files. This vulnerability coul...

This vulnerability allows remote attackers to execute arbitrary code on Foxit Studio Photo installations by tricking users into opening malicious CMP ...

An authenticated attacker with VPN credentials can cause a denial of service on Cisco Meraki MX/Z Series devices by exploiting an uninitialized variab...

OpenEXR versions 3.3.0-3.3.5 and 3.4.0-3.4.2 contain a use of uninitialized memory vulnerability in the generic_unpack function. This can cause undefi...

A denial-of-service vulnerability in Dragonfly's P2P file distribution system allows attackers to bypass rate limiting by exploiting an uninitialized ...

CVE-2024-21502 is a use of uninitialized variable vulnerability in fastecdsa's curvemath_mul function that allows attackers to control stack memory. T...

CVE-2022-25737 is an information disclosure vulnerability in Qualcomm modems where missing NULL pointer checks allow attackers to read sensitive data ...

This CVE describes a memory corruption vulnerability in display components due to uninitialized data. It allows local privilege escalation if an attac...

This vulnerability involves uninitialized memory in the JavaScript Engine component of Mozilla products, which could allow an attacker to execute arbi...

Panda3D versions up to 1.10.16 contain a denial of service vulnerability in the deploy-stub component. Attackers can crash the application by supplyin...

This vulnerability in Android's CursorWindow component allows unauthenticated local attackers to read uninitialized memory, potentially exposing sensi...

CVE-2023-42046 is an information disclosure vulnerability in PDF-XChange Editor's J2K file parser caused by uninitialized memory access. Attackers can...

A use of uninitialized variable vulnerability in QNAP operating systems allows attackers with administrator access to cause denial of service or manip...

This CVE describes an uninitialized heap data read vulnerability in DA (likely a MediaTek component) that could allow local information disclosure. At...

A Use of Uninitialized Variable vulnerability in Open Design Alliance Drawings SDK allows applications to access uninitialized memory during startup d...