CWE-457
192 CVEs classified under CWE-457. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-6748 | Critical | 9.8 | 2026-04-21 | Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbir… |
| CVE-2025-54874 | Critical | 9.8 | 2025-08-05 | OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opj_jp2_read_header may lead to OOB heap memory write when the data… |
| CVE-2025-53644 | Critical | 9.8 | 2025-07-17 | OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap bu… |
| CVE-2024-47540 | Critical | 9.8 | 2024-12-12 | GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matro… |
| CVE-2024-10934 | Critical | 9.8 | 2024-11-15 | In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninit… |
| CVE-2024-32611 | Critical | 9.8 | 2024-05-14 | HDF5 Library through 1.14.3 may use an uninitialized value in H5A__attr_release_table in H5Aint.c. |
| CVE-2022-40510 | Critical | 9.8 | 2023-08-08 | Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder. |
| CVE-2022-21217 | Critical | 9.8 | 2022-01-28 | An out-of-bounds write vulnerability exists in the device TestEmail functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted network request… |
| CVE-2021-40418 | Critical | 9.8 | 2021-12-22 | When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an objec… |
| CVE-2026-2806 | Critical | 9.1 | 2026-02-24 | Uninitialized memory in the Graphics: Text component. This vulnerability was fixed in Firefox 148 and Thunderbird 148. |
| CVE-2025-5749 | High | 8.8 | 2025-06-06 | WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers… |
| CVE-2024-6990 | High | 8.8 | 2024-08-01 | Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a… |
| CVE-2023-31275 | High | 8.8 | 2023-11-27 | An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elements in an Excel file. A specially craf… |
| CVE-2009-0901 | High | 8.8 | 2009-07-29 | The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1… |
| CVE-2025-20271 | High | 8.6 | 2025-06-18 | A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remo… |
| CVE-2020-27124 | High | 8.6 | 2024-11-18 | A vulnerability in the SSL/TLS handler of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause the af… |
| CVE-2024-33021 | High | 8.4 | 2024-08-05 | Memory corruption while processing IOCTL call to set metainfo. |
| CVE-2026-10960 | High | 8.3 | 2026-06-04 | Uninitialized Use in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a… |
| CVE-2026-9972 | High | 8.3 | 2026-05-28 | Uninitialized Use in Gamepad in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially… |
| CVE-2026-6311 | High | 8.3 | 2026-04-15 | Uninitialized Use in Accessibility in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to po… |