Common Weakness Enumeration

CWE-457

Allowed

Use of Uninitialized Variable

Abstraction: Variant · Status: Draft

The code uses a variable that has not been initialized, leading to unpredictable or unintended results.

298 vulnerabilities reference this CWE, most recent first.

GHSA-2MJG-798R-MXWH

Vulnerability from github – Published: 2024-09-04 00:31 – Updated: 2025-11-04 00:31
VLAI
Details

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-45616"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-457",
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-03T22:15:04Z",
    "severity": "LOW"
  },
  "details": "A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.",
  "id": "GHSA-2mjg-798r-mxwh",
  "modified": "2025-11-04T00:31:20Z",
  "published": "2024-09-04T00:31:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45616"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2024-45616"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309290"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2P92-92XP-PW8J

Vulnerability from github – Published: 2026-05-29 00:38 – Updated: 2026-05-29 18:31
VLAI
Details

Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-10008"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-457"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-28T23:16:42Z",
    "severity": "MODERATE"
  },
  "details": "Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)",
  "id": "GHSA-2p92-92xp-pw8j",
  "modified": "2026-05-29T18:31:21Z",
  "published": "2026-05-29T00:38:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10008"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/513768979"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2QGR-GFVJ-QPCR

Vulnerability from github – Published: 2025-09-17 19:48 – Updated: 2025-09-26 16:17
VLAI
Summary
Dragonfly incorrectly handles a task structure’s usedTrac field
Details

Impact

The processPieceFromSource method (figure 4.1) is part of a task processing mechanism. The method writes pieces of data to storage, updating a Task structure along the way. The method does not update the structure’s usedTraffic field, because an uninitialized variable n is used as a guard to the AddTraffic method call, instead of the result.Size variable.

var n int64
result.Size, err = pt.GetStorage().WritePiece([skipped])
result.FinishTime = time.Now().UnixNano()
if n > 0 {
       pt.AddTraffic(uint64(n))
}

A task is processed by a peer. The usedTraffic metadata is not updated during the processing. Rate limiting is incorrectly applied, leading to a denial-of-service condition for the peer.

Patches

  • Dragonfy v2.1.0 and above.

Workarounds

There are no effective workarounds, beyond upgrading.

References

A third party security audit was performed by Trail of Bits, you can see the full report.

If you have any questions or comments about this advisory, please email us at dragonfly-maintainers@googlegroups.com.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/dragonflyoss/dragonfly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.1.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "d7y.io/dragonfly/v2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.1.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-59348"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-457"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-09-17T19:48:41Z",
    "nvd_published_at": "2025-09-17T20:15:37Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nThe processPieceFromSource method (figure 4.1) is part of a task processing mechanism. The method writes pieces of data to storage, updating a Task structure along the way. The method does not update the structure\u2019s usedTraffic field, because an uninitialized variable n is used as a guard to the AddTraffic method call, instead of the result.Size variable.\n\n```golang\nvar n int64\nresult.Size, err = pt.GetStorage().WritePiece([skipped])\nresult.FinishTime = time.Now().UnixNano()\nif n \u003e 0 {\n       pt.AddTraffic(uint64(n))\n}\n```\n\nA task is processed by a peer. The usedTraffic metadata is not updated during the processing. Rate limiting is incorrectly applied, leading to a denial-of-service condition for the peer.\n\n### Patches\n\n- Dragonfy v2.1.0 and above.\n\n### Workarounds\n\nThere are no effective workarounds, beyond upgrading.\n\n### References\n\nA third party security audit was performed by Trail of Bits, you can see the [full report](https://github.com/dragonflyoss/dragonfly/blob/main/docs/security/dragonfly-comprehensive-report-2023.pdf).\n\nIf you have any questions or comments about this advisory, please email us at [dragonfly-maintainers@googlegroups.com](mailto:dragonfly-maintainers@googlegroups.com).",
  "id": "GHSA-2qgr-gfvj-qpcr",
  "modified": "2025-09-26T16:17:10Z",
  "published": "2025-09-17T19:48:41Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/dragonflyoss/dragonfly/security/advisories/GHSA-2qgr-gfvj-qpcr"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59348"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/dragonflyoss/dragonfly"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dragonflyoss/dragonfly/blob/main/docs/security/dragonfly-comprehensive-report-2023.pdf"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2025-3963"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Dragonfly incorrectly handles a task structure\u2019s usedTrac field"
}

GHSA-2RV8-P95W-9W54

Vulnerability from github – Published: 2024-08-05 15:30 – Updated: 2024-08-05 15:30
VLAI
Details

Memory corruption while processing IOCTL call to set metainfo.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-33021"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-457",
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-05T15:15:51Z",
    "severity": "HIGH"
  },
  "details": "Memory corruption while processing IOCTL call to set metainfo.",
  "id": "GHSA-2rv8-p95w-9w54",
  "modified": "2024-08-05T15:30:53Z",
  "published": "2024-08-05T15:30:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33021"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2W7J-PWRP-QPXJ

Vulnerability from github – Published: 2025-06-06 18:30 – Updated: 2025-06-06 18:30
VLAI
Details

WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of cryptographic keys used in vendor-specific encrypted communications. The issue results from the lack of proper initialization of a variable prior to accessing it. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26295.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-5749"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-457"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-06T16:15:30Z",
    "severity": "MODERATE"
  },
  "details": "WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of cryptographic keys used in vendor-specific encrypted communications. The issue results from the lack of proper initialization of a variable prior to accessing it. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26295.",
  "id": "GHSA-2w7j-pwrp-qpxj",
  "modified": "2025-06-06T18:30:32Z",
  "published": "2025-06-06T18:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5749"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-328"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-354C-38FF-3CW6

Vulnerability from github – Published: 2024-06-25 03:31 – Updated: 2024-07-03 18:46
VLAI
Details

A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-37002"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-457",
      "CWE-863",
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-25T03:15:10Z",
    "severity": "HIGH"
  },
  "details": "A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.",
  "id": "GHSA-354c-38ff-3cw6",
  "modified": "2024-07-03T18:46:48Z",
  "published": "2024-06-25T03:31:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37002"
    },
    {
      "type": "WEB",
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-365P-M6G8-HHGP

Vulnerability from github – Published: 2021-12-15 00:01 – Updated: 2022-07-26 00:01
VLAI
Details

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll is vulnerable to use of uninitialized memory while parsing user supplied TIFF files. This could allow an attacker to cause a denial-of-service condition.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-44003"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-457",
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-14T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been identified in JT2Go (All versions \u003c V13.2.0.5), Teamcenter Visualization (All versions \u003c V13.2.0.5). The Tiff_Loader.dll is vulnerable to use of uninitialized memory while parsing user supplied TIFF files. This could allow an attacker to cause a denial-of-service condition.",
  "id": "GHSA-365p-m6g8-hhgp",
  "modified": "2022-07-26T00:01:12Z",
  "published": "2021-12-15T00:01:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44003"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-595101.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-36P6-H78P-CX2W

Vulnerability from github – Published: 2026-02-10 21:31 – Updated: 2026-02-10 21:31
VLAI
Details

Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-29952"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-457"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-10T20:16:44Z",
    "severity": "MODERATE"
  },
  "details": "Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity",
  "id": "GHSA-36p6-h78p-cx2w",
  "modified": "2026-02-10T21:31:31Z",
  "published": "2026-02-10T21:31:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29952"
    },
    {
      "type": "WEB",
      "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-377P-G8GR-5WPG

Vulnerability from github – Published: 2024-05-03 18:30 – Updated: 2026-06-06 00:28
VLAI
Summary
LIEF obtain sensitive information via the name parameter
Details

An issue in LIEF v.0.14.1 allows a local attacker to obtain sensitive information via the name parameter of the machd_reader.c component.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "lief"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.15.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-31636"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-457"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-11-22T20:26:56Z",
    "nvd_published_at": "2024-05-03T17:15:07Z",
    "severity": "LOW"
  },
  "details": "An issue in LIEF v.0.14.1 allows a local attacker to obtain sensitive information via the name parameter of the machd_reader.c component.",
  "id": "GHSA-377p-g8gr-5wpg",
  "modified": "2026-06-06T00:28:36Z",
  "published": "2024-05-03T18:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31636"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lief-project/LIEF/issues/1038"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lief-project/LIEF/commit/307e113f8e00b034f0a5f1baa33e54d636c52ea3"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/lief-project/LIEF"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/lief/PYSEC-2024-280.yaml"
    },
    {
      "type": "WEB",
      "url": "http://lief.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "LIEF obtain sensitive information via the name parameter"
}

GHSA-395X-3X8Q-MV38

Vulnerability from github – Published: 2022-05-17 02:02 – Updated: 2026-05-29 21:31
VLAI
Details

The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2011-0539"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-457"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-02-10T18:00:00Z",
    "severity": "MODERATE"
  },
  "details": "The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.",
  "id": "GHSA-395x-3x8q-mv38",
  "modified": "2026-05-29T21:31:10Z",
  "published": "2022-05-17T02:02:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0539"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65163"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
    },
    {
      "type": "WEB",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43181"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/44269"
    },
    {
      "type": "WEB",
      "url": "http://www.openssh.com/txt/legacy-cert.adv"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2011/02/04/2"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/46155"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1025028"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0284"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-57
Implementation

Strategy: Attack Surface Reduction

Ensure that critical variables are initialized before first use [REF-1485].

Mitigation
Build and Compilation

Strategy: Compilation or Build Hardening

Most compilers will complain about the use of uninitialized variables if warnings are turned on.

Mitigation
Implementation Operation

When using a language that does not require explicit declaration of variables, run or compile the software in a mode that reports undeclared or unknown variables. This may indicate the presence of a typographic error in the variable's name.

Mitigation
Requirements

Strategy: Language Selection

Choose a language that is not susceptible to these issues.

Mitigation
Architecture and Design

Mitigating technologies such as safe string libraries and container abstractions could be introduced.

No CAPEC attack patterns related to this CWE.