CWE-824 · Access of Uninitialized Pointer

288 CVEs classified under CWE-824 (Access of Uninitialized Pointer). Browse by severity and year.

Top CVEs for CWE-824
CVESeverityScorePublishedSummary
CVE-2026-6748Critical9.82026-04-21Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbir…
CVE-2026-2805Critical9.82026-02-24Invalid pointer in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
CVE-2026-2785Critical9.82026-02-24Invalid pointer in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2022-46280Critical9.82023-07-21A use of uninitialized pointer vulnerability exists in the PQS format pFormat functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted…
CVE-2022-44451Critical9.82023-07-21A use of uninitialized pointer vulnerability exists in the MSI format atom functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted ma…
CVE-2022-42885Critical9.82023-07-21A use of uninitialized pointer vulnerability exists in the GRO format res functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted mal…
CVE-2021-36219Critical9.82021-09-27An issue was discovered in SKALE sgxwallet 1.58.3. The provided input for ECALL 14 triggers a branch in trustedEcdsaSign that frees a non-initialized pointer f…
CVE-2021-1619Critical9.82021-09-23A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to…
CVE-2020-11138Critical9.82021-01-21Uninitialized pointers accessed during music play back with incorrect bit stream due to an uninitialized heap memory result in instability in Snapdragon Auto…
CVE-2020-25573Critical9.82020-09-14An issue was discovered in the linked-hash-map crate before 0.5.3 for Rust. It creates an uninitialized NonNull pointer, which violates a non-null constraint.
CVE-2020-17446Critical9.82020-08-12asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code (on a database client) via a crafted server response, b…
CVE-2018-17141Critical9.82018-09-21HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, whi…
CVE-2018-14356Critical9.82018-07-17An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID.
CVE-2018-11743Critical9.82018-06-05The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS objects, which allows attackers to cause a denial of service (mrb_h…
CVE-2017-12561Critical9.82018-02-15A remote code execution vulnerability in HPE intelligent Management Center (iMC) PLAT version Plat 7.3 E0504P4 and earlier was found.
CVE-2018-19857Critical9.12018-12-05The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF fi…
CVE-2025-32451High8.82025-08-13A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascript code inside…
CVE-2022-34480High8.82022-12-22Within the <code>lg_init()</code> function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never bei…
CVE-2021-41208High8.82021-11-05TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a res…
CVE-2020-8882High8.82020-03-20This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.916. User interaction is required to…