CWE-665
DiscouragedImproper Initialization
Abstraction: Class · Status: Draft
The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.
425 vulnerabilities reference this CWE, most recent first.
GHSA-6C6R-R3R9-H62J
Vulnerability from github – Published: 2024-02-06 09:31 – Updated: 2024-02-06 09:31An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.
{
"affected": [],
"aliases": [
"CVE-2023-4503"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-06T09:15:52Z",
"severity": "MODERATE"
},
"details": "An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.",
"id": "GHSA-6c6r-r3r9-h62j",
"modified": "2024-02-06T09:31:38Z",
"published": "2024-02-06T09:31:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4503"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2023:7637"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2023:7638"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2023:7639"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2023:7641"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2023-4503"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184751"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6FQ2-2MW9-3J26
Vulnerability from github – Published: 2022-05-13 01:23 – Updated: 2022-05-13 01:23drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of service (system crash) via read operations on an fc_host statistics file.
{
"affected": [],
"aliases": [
"CVE-2010-4343"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2010-12-29T18:00:00Z",
"severity": "MODERATE"
},
"details": "drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of service (system crash) via read operations on an fc_host statistics file.",
"id": "GHSA-6fq2-2mw9-3j26",
"modified": "2022-05-13T01:23:33Z",
"published": "2022-05-13T01:23:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4343"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=661182"
},
{
"type": "WEB",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7873ca4e4401f0ecd8868bf1543113467e6bae61"
},
{
"type": "WEB",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7873ca4e4401f0ecd8868bf1543113467e6bae61"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/42884"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/46397"
},
{
"type": "WEB",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2010/12/08/3"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2010/12/09/15"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/45262"
},
{
"type": "WEB",
"url": "http://www.spinics.net/lists/linux-scsi/msg43772.html"
},
{
"type": "WEB",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6GFX-CX3G-JX7C
Vulnerability from github – Published: 2024-07-05 09:33 – Updated: 2024-07-08 18:31In the Linux kernel, the following vulnerability has been resolved:
media: v4l: async: Properly re-initialise notifier entry in unregister
The notifier_entry of a notifier is not re-initialised after unregistering the notifier. This leads to dangling pointers being left there so use list_del_init() to return the notifier_entry an empty list.
{
"affected": [],
"aliases": [
"CVE-2024-39485"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-05T07:15:10Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l: async: Properly re-initialise notifier entry in unregister\n\nThe notifier_entry of a notifier is not re-initialised after unregistering\nthe notifier. This leads to dangling pointers being left there so use\nlist_del_init() to return the notifier_entry an empty list.",
"id": "GHSA-6gfx-cx3g-jx7c",
"modified": "2024-07-08T18:31:16Z",
"published": "2024-07-05T09:33:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39485"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1aa6cd4adfc0380fa1ccc2f146848940ff882a66"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/87100b09246202a91fce4a1562955c32229173bb"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9537a8425a7a0222999d5839a0b394b1e8834b4a"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6J77-RPRV-M39J
Vulnerability from github – Published: 2022-05-13 01:42 – Updated: 2022-05-13 01:42Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a "kill cat /pathname/nagios.lock" command.
{
"affected": [],
"aliases": [
"CVE-2017-12847"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-08-23T21:29:00Z",
"severity": "MODERATE"
},
"details": "Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a \"kill `cat /pathname/nagios.lock`\" command.",
"id": "GHSA-6j77-rprv-m39j",
"modified": "2022-05-13T01:42:46Z",
"published": "2022-05-13T01:42:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12847"
},
{
"type": "WEB",
"url": "https://github.com/NagiosEnterprises/nagioscore/issues/404"
},
{
"type": "WEB",
"url": "https://github.com/NagiosEnterprises/nagioscore/commit/1b197346d490df2e2d3b1dcce5ac6134ad0c8752"
},
{
"type": "WEB",
"url": "https://github.com/NagiosEnterprises/nagioscore/commit/3baffa78bafebbbdf9f448890ba5a952ea2d73cb"
},
{
"type": "WEB",
"url": "https://github.com/NagiosEnterprises/nagioscore/blob/master/Changelog"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201710-20"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/100403"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6JJ2-4Q5C-X8G6
Vulnerability from github – Published: 2026-06-19 20:46 – Updated: 2026-06-19 20:46Impact
CoreWCF NetNamedPipe transport accepts attach to a pre-existing named pipe instance, allowing local interception of NetNamedPipe traffic. NetNamedPipe creates a shared memory object based on the listening url, then generated a unique GUID for the named pipe it will be using and saves this to the shared memory object. Then it creates the named pipe to listen for clients. This requires an attacker to race the service and create the named pipe between the service publishing the GUID to the shared memory location (which the attacker needs to read) and the service creating the named pipe itself.
Patches
Fixed in CoreWCF v1.8.1 and v1.9.1
Workarounds
None
{
"affected": [
{
"package": {
"ecosystem": "NuGet",
"name": "CoreWCF.NetNamedPipe"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.8.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "CoreWCF.NetNamedPipe"
},
"ranges": [
{
"events": [
{
"introduced": "1.9.0"
},
{
"fixed": "1.9.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-54777"
],
"database_specific": {
"cwe_ids": [
"CWE-367",
"CWE-665"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-19T20:46:55Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "### Impact\nCoreWCF NetNamedPipe transport accepts attach to a pre-existing named pipe instance, allowing local interception of NetNamedPipe traffic. NetNamedPipe creates a shared memory object based on the listening url, then generated a unique GUID for the named pipe it will be using and saves this to the shared memory object. Then it creates the named pipe to listen for clients. This requires an attacker to race the service and create the named pipe between the service publishing the GUID to the shared memory location (which the attacker needs to read) and the service creating the named pipe itself.\n\n### Patches\nFixed in CoreWCF v1.8.1 and v1.9.1\n\n### Workarounds\nNone",
"id": "GHSA-6jj2-4q5c-x8g6",
"modified": "2026-06-19T20:46:55Z",
"published": "2026-06-19T20:46:55Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/CoreWCF/CoreWCF/security/advisories/GHSA-6jj2-4q5c-x8g6"
},
{
"type": "PACKAGE",
"url": "https://github.com/CoreWCF/CoreWCF"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"type": "CVSS_V3"
}
],
"summary": "CoreWCF NetNamedPipe transport accepts attach to a pre-existing named pipe instance"
}
GHSA-6MFV-842H-V848
Vulnerability from github – Published: 2022-05-24 17:33 – Updated: 2022-05-24 17:33In rw_i93_sm_format of rw_i93.cc, there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-157650336
{
"affected": [],
"aliases": [
"CVE-2020-0450"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-11-10T13:15:00Z",
"severity": "MODERATE"
},
"details": "In rw_i93_sm_format of rw_i93.cc, there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-157650336",
"id": "GHSA-6mfv-842h-v848",
"modified": "2022-05-24T17:33:27Z",
"published": "2022-05-24T17:33:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0450"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2020-11-01"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-6QW3-W6WV-8FGG
Vulnerability from github – Published: 2023-10-29 09:30 – Updated: 2023-11-08 03:30When the isula cp command is used to copy files from a container to a host machine and the container is controlled by an attacker, the attacker can escape the container.
{
"affected": [],
"aliases": [
"CVE-2021-33638"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-29T08:15:20Z",
"severity": "MODERATE"
},
"details": "\nWhen the isula cp command is used to copy files from a container to a host machine and the container is controlled by an attacker, the attacker can escape the container.\n\n",
"id": "GHSA-6qw3-w6wv-8fgg",
"modified": "2023-11-08T03:30:32Z",
"published": "2023-10-29T09:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33638"
},
{
"type": "WEB",
"url": "https://gitee.com/src-openeuler/iSulad/pulls/600/files"
},
{
"type": "WEB",
"url": "https://gitee.com/src-openeuler/iSulad/pulls/627/files"
},
{
"type": "WEB",
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1686"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6RMW-4VW4-4Q4G
Vulnerability from github – Published: 2022-05-13 01:18 – Updated: 2022-05-13 01:18The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, and CVE-2018-0926.
{
"affected": [],
"aliases": [
"CVE-2018-0901"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-03-14T17:29:00Z",
"severity": "MODERATE"
},
"details": "The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka \"Windows Kernel Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, and CVE-2018-0926.",
"id": "GHSA-6rmw-4vw4-4q4g",
"modified": "2022-05-13T01:18:36Z",
"published": "2022-05-13T01:18:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0901"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0901"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/44311"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/103245"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1040517"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6V6P-FP4F-56P8
Vulnerability from github – Published: 2023-08-11 03:30 – Updated: 2024-04-04 06:49Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
{
"affected": [],
"aliases": [
"CVE-2022-38083"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-11T03:15:13Z",
"severity": "MODERATE"
},
"details": "Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.",
"id": "GHSA-6v6p-fp4f-56p8",
"modified": "2024-04-04T06:49:51Z",
"published": "2023-08-11T03:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38083"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20230824-0001"
},
{
"type": "WEB",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6V9P-CXVF-8F7V
Vulnerability from github – Published: 2022-05-24 17:33 – Updated: 2022-10-07 18:15A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.
{
"affected": [],
"aliases": [
"CVE-2020-25662"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-284",
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-11-05T21:15:00Z",
"severity": "MODERATE"
},
"details": "A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel\u0027s Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.",
"id": "GHSA-6v9p-cxvf-8f7v",
"modified": "2022-10-07T18:15:55Z",
"published": "2022-05-24T17:33:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25662"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:4685"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:4686"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2020-12352"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2020-25662"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/vulnerabilities/BleedingTooth"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891484"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25662"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-3
Strategy: Language Selection
- Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, in Java, if the programmer does not explicitly initialize a variable, then the code could produce a compile-time error (if the variable is local) or automatically initialize the variable to the default value for the variable's type. In Perl, if explicit initialization is not performed, then a default value of undef is assigned, which is interpreted as 0, false, or an equivalent value depending on the context in which the variable is accessed.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all your variables and other data stores, either during declaration or just before the first usage.
Mitigation
Pay close attention to complex conditionals that affect initialization, since some conditions might not perform the initialization.
Mitigation
Avoid race conditions (CWE-362) during initialization routines.
Mitigation
Run or compile your product with settings that generate warnings about uninitialized variables or data.
CAPEC-26: Leveraging Race Conditions
The adversary targets a race condition occurring when multiple processes access and manipulate the same resource concurrently, and the outcome of the execution depends on the particular order in which the access takes place. The adversary can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance, a race condition can occur while accessing a file: the adversary can trick the system by replacing the original file with their version and cause the system to read the malicious file.
CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. A typical example is file access. The adversary can leverage a file access race condition by "running the race", meaning that they would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the adversary could replace or modify the file, causing the application to behave unexpectedly.