CWE-908: CWE-908

204

Total CVEs

Critical

High

6.7

Avg CVSS

Yearly Trend

2026

2025

2024

2023

2022

Top Affected Vendors

1 Linux 117

2 Debian 25

3 Microsoft 24

4 Google 11

5 Mozilla 3

6 Gnu 2

7 Redhat 2

8 Messagepack Rs Project 2

9 Ivanti 1

10 Synchro 1

All CWE-908 CVEs (204)

CVE-2024-8654

5.0

MongoDB Server v6.0.3 contains a memory access vulnerability in internal aggregation stage processing when zero arguments are called. This could lead ...

Sep 10, 2024

CVE-2026-20962

4.4

This vulnerability involves uninitialized resource usage in Dynamic Root of Trust for Measurement (DRTM) technology, allowing an authorized local atta...

Jan 13, 2026

CVE-2025-9640

4.3

This CVE-2025-9640 vulnerability in Samba's vfs_streams_xattr module allows authenticated users to read uninitialized heap memory through alternate da...

Oct 15, 2025

CVE-2025-12474

N/A

A vulnerability in libjxl's decoder allows specially-crafted JPEG XL files to cause the decoder to read uninitialized memory data. This could potentia...

Feb 11, 2026

← Previous Page 5 of 5

About CWE-908 (CWE-908)

Our database tracks 204 CVEs classified as CWE-908, with 22 rated critical and 72 rated high severity. The average CVSS score for CWE-908 vulnerabilities is 6.7.

External reference: View CWE-908 on MITRE CWE →

Monitor CWE-908 Vulnerabilities

Get alerted when new CWE-908 CVEs affect your infrastructure.

Start Monitoring Free