CVEbaza.plCWE DictionaryCWE-908
Common Weakness Enumeration

CWE-908

Use of Uninitialized Resource

Category: BaseCVE: 874
Description

The product uses or accesses a resource that has not been initialized.

Extended Description

When a resource has not been properly initialized, the product may behave unexpectedly. This may lead to a crash or invalid memory access, but the consequences vary depending on the type of resource and how it is used within the product.

CVE vulnerabilities with CWE-908 (874)
10.0
CVSS
CRITICAL
CVE-2026-24826

Out-of-bounds Write, Divide By Zero, NULL Pointer Dereference, Use of Uninitialized Resource, Out-of-bounds Read, Reachable Assertion vulnerability in cadaver turso3d.This issue affects .

pub. 2026-01-27
9.8
CVSS
CRITICAL
CVE-2025-50165

Untrusted pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.

pub. 2025-08-12
9.8
CVSS
CRITICAL
CVE-2025-1942

When String.toUpperCase() caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string. This vulnerability was fixed in Firefox 136 and Thunderbird 136.

pub. 2025-03-04
9.8
CVSS
CRITICAL
CVE-2024-32611

HDF5 Library through 1.14.3 may use an uninitialized value in H5A__attr_release_table in H5Aint.c.

pub. 2024-05-14
9.8
CVSS
CRITICAL
CVE-2023-24941

Windows Network File System Remote Code Execution Vulnerability

pub. 2023-05-09
9.8
CVSS
CRITICAL
CVE-2022-26437

In httpclient, there is a possible out of bounds write due to uninitialized data. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WSAP00103831; Issue ID: WSAP00103831.

pub. 2022-08-01
9.8
CVSS
CRITICAL
CVE-2020-36512

An issue was discovered in the buffoon crate through 2020-12-31 for Rust. InputStream::read_exact may read from uninitialized memory locations.

pub. 2021-12-27
9.8
CVSS
CRITICAL
CVE-2020-36513

An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. read_up_to may read from uninitialized memory locations.

pub. 2021-12-27
9.8
CVSS
CRITICAL
CVE-2020-36514

An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. fill_buf may read from uninitialized memory locations.

pub. 2021-12-27
9.8
CVSS
CRITICAL
CVE-2021-45682

An issue was discovered in the bronzedb-protocol crate through 2021-01-03 for Rust. ReadKVExt may read from uninitialized memory locations.

pub. 2021-12-27
9.8
CVSS
CRITICAL
CVE-2021-45683

An issue was discovered in the binjs_io crate through 2021-01-03 for Rust. The Read method may read from uninitialized memory locations.

pub. 2021-12-27
9.8
CVSS
CRITICAL
CVE-2021-45684

An issue was discovered in the flumedb crate through 2021-01-07 for Rust. read_entry may read from uninitialized memory locations.

pub. 2021-12-27
9.8
CVSS
CRITICAL
CVE-2021-45685

An issue was discovered in the columnar crate through 2021-01-07 for Rust. ColumnarReadExt::read_typed_vec may read from uninitialized memory locations.

pub. 2021-12-27
9.8
CVSS
CRITICAL
CVE-2021-45686

An issue was discovered in the csv-sniffer crate through 2021-01-05 for Rust. preamble_skipcount may read from uninitialized memory locations.

pub. 2021-12-27
9.8
CVSS
CRITICAL
CVE-2021-45688

An issue was discovered in the ash crate before 0.33.1 for Rust. util::read_spv may read from uninitialized memory locations.

pub. 2021-12-27
9.8
CVSS
CRITICAL
CVE-2021-45689

An issue was discovered in the gfx-auxil crate through 2021-01-07 for Rust. gfx_auxil::read_spirv may read from uninitialized memory locations.

pub. 2021-12-27
9.8
CVSS
CRITICAL
CVE-2021-45690

An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_binary may read from uninitialized memory locations.

pub. 2021-12-27
9.8
CVSS
CRITICAL
CVE-2021-45691

An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_string may read from uninitialized memory locations.

pub. 2021-12-27
9.8
CVSS
CRITICAL
CVE-2021-45692

An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_extension_others may read from uninitialized memory locations.

pub. 2021-12-27
9.8
CVSS
CRITICAL
CVE-2021-45693

An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_string_primitive may read from uninitialized memory locations.

pub. 2021-12-27
Showing 20 of 874 vulnerabilities
Information
ID: CWE-908
Type: Base
Vulnerabilities: 874
MITRE CWE ↗
← CWE Dictionary