CWE-909
23 CVEs classified under CWE-909. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-3804 | High | 7.5 | 2019-03-26 | It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated at… |
CVE-2026-43040 | High | 7.1 | 2026-05-01 | In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prev… |
CVE-2017-0730 | Medium | 5.5 | 2017-08-09 | A denial of service vulnerability in the Android media framework (h264 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36279… |
CVE-2020-12523 | Medium | 5.4 | 2020-12-17 | On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard… |
CVE-2026-40687 | Medium | 4.8 | 2026-04-30 | In Exim before 4.99.2, when the SPA authentication driver is used with an adversarial SPA resource, there can be an out-of-bounds write that crashes the connec… |
CVE-2025-54410 | Low | 3.3 | 2025-07-30 | Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstr… |
CVE-2024-32945 | Low | 2.6 | 2024-07-15 | Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state which allows an attacker to change the contents of a… |
CVE-2025-8117 | | 2025-09-30 | PAD CMS improperly initializes parameter used for password recovery, which allows to change password for any user that did not use reset password functionality… | |
CVE-2025-54388 | | 2025-07-30 | Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstr… | |
CVE-2024-53845 | | 2024-12-11 | ESPTouch is a connection protocol for internet of things devices. In the ESPTouchV2 protocol, while there is an option to use a custom AES key, there is no opt… | |
CVE-2024-8178 | | 2024-09-05 | The ctl_write_buffer and ctl_read_buffer functions allocated memory to be returned to userspace, without initializing it. Malicious software running in a gues… | |
CVE-2022-0175 | | 2022-08-26 | A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resour… | |
CVE-2022-0382 | | 2022-02-11 | An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or… | |
CVE-2021-3655 | | 2021-08-05 | A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uni… | |
CVE-2021-28167 | | 2021-04-21 | In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes the JVM in some cases to pre-resolve certain constant pool entri… | |
CVE-2011-1044 | | 2011-02-18 | The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which a… | |
CVE-2010-3877 | | 2011-01-03 | The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain po… | |
CVE-2010-3876 | | 2011-01-03 | net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potenti… | |
CVE-2010-4083 | | 2010-11-30 | The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain pote… | |
CVE-2010-4082 | | 2010-11-30 | The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure mem… |