CWE-457 flaws

173 results
| CVE | Severity | Description | EPSS | KEV |
|---|---|---|---|---|
| CVE-2025-5777 | CRITICAL | NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread | 99.9% | KEV |
| CVE-2009-0901 | HIGH | The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 an | 42.0% | |
| CVE-2021-40418 | CRITICAL | When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property | 17.9% | |
| CVE-2019-11038 | LOW | Uninitialized read in gdImageCreateFromXbm | 4.3% | |
| CVE-2021-31435 | HIGH | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interac | 2.8% | |
| CVE-2021-46570 | HIGH | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.0.80. User inte | 2.0% | |
| CVE-2021-46566 | HIGH | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. U | 1.9% | |
| CVE-2021-46631 | HIGH | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction | 1.9% | |
| CVE-2021-46617 | HIGH | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. U | 1.9% | |
| CVE-2021-41253 | MEDIUM | Possible heap buffer overflow when using zycore string functions in formatter hooks | 1.8% | |
| CVE-2011-0539 | HIGH | The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option i | 1.8% | |
| CVE-2023-31275 | HIGH | An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elements in an Excel fil | 1.7% | |
| CVE-2019-1010319 | | WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfa | 1.5% | |
| CVE-2019-1010317 | | WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfa | 1.5% | |
| CVE-2022-21217 | CRITICAL | An out-of-bounds write vulnerability exists in the device TestEmail functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-craft | 1.4% | |
| CVE-2021-21966 | MEDIUM | An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of Texas Instruments CC3200 SimpleLink Solution N | 1.4% | |
| CVE-2024-21502 | HIGH | Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemath_mul function | 1.0% | |
| CVE-2024-47540 | HIGH | GHSL-2024-197: GStreamer uses uninitialized stack memory in Matroska/WebM demuxer | 1.0% | |
| CVE-2026-10973 | HIGH | Uninitialized Use in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML pag | 1.0% | |
| CVE-2024-23137 | HIGH | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software | 1.0% | |