CWE-457

192 CVEs classified under CWE-457. Browse by severity and year.

Top CVEs for CWE-457
CVESeverityScorePublishedSummary
CVE-2026-6748Critical9.82026-04-21Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbir…
CVE-2025-54874Critical9.82025-08-05OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opj_jp2_read_header may lead to OOB heap memory write when the data…
CVE-2025-53644Critical9.82025-07-17OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap bu…
CVE-2024-47540Critical9.82024-12-12GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matro…
CVE-2024-10934Critical9.82024-11-15In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninit…
CVE-2024-32611Critical9.82024-05-14HDF5 Library through 1.14.3 may use an uninitialized value in H5A__attr_release_table in H5Aint.c.
CVE-2022-40510Critical9.82023-08-08Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.
CVE-2022-21217Critical9.82022-01-28An out-of-bounds write vulnerability exists in the device TestEmail functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted network request…
CVE-2021-40418Critical9.82021-12-22When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an objec…
CVE-2026-2806Critical9.12026-02-24Uninitialized memory in the Graphics: Text component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
CVE-2025-5749High8.82025-06-06WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers…
CVE-2024-6990High8.82024-08-01Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a…
CVE-2023-31275High8.82023-11-27An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elements in an Excel file. A specially craf…
CVE-2009-0901High8.82009-07-29The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1…
CVE-2025-20271High8.62025-06-18A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remo…
CVE-2020-27124High8.62024-11-18A vulnerability in the SSL/TLS handler of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause the af…
CVE-2024-33021High8.42024-08-05Memory corruption while processing IOCTL call to set metainfo.
CVE-2026-10960High8.32026-06-04Uninitialized Use in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a…
CVE-2026-9972High8.32026-05-28Uninitialized Use in Gamepad in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially…
CVE-2026-6311High8.32026-04-15Uninitialized Use in Accessibility in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to po…