Falhas do tipo CWE-908
234 resultadosCVE-2026-45736MEDIUMws: Uninitialized memory disclosureEPSS 0.5%CVE-2025-59204MEDIUMWindows Management Services Information Disclosure VulnerabilityEPSS 0.5%CVE-2024-36454MEDIUMUse of uninitialized resource issue exists in IPCOM EX2 Series (V01L0x Series) V01L07NF0201 and earlier, and IPCOM VE2 Series V01L07NF0201 aEPSS 0.5%CVE-2021-31423MEDIUMThis vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An EPSS 0.4%CVE-2025-1942CRITICALDisclosure of uninitialized memory when .toUpperCase() causes string to get longerEPSS 0.4%CVE-2025-29829MEDIUMWindows Trusted Runtime Interface Driver Information Disclosure VulnerabilityEPSS 0.4%CVE-2021-31419MEDIUMThis vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4-47270. An EPSS 0.4%CVE-2026-4715CRITICALUninitialized memory in the Graphics: Canvas2D componentEPSS 0.4%CVE-2021-31418MEDIUMThis vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4-47270. An EPSS 0.4%CVE-2021-31417MEDIUMThis vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4-47270. An EPSS 0.4%CVE-2021-3545—An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and includiEPSS 0.4%CVE-2025-9640MEDIUMSamba: vfs_streams_xattr uninitialized memory write possibleEPSS 0.4%CVE-2026-4716CRITICALIncorrect boundary conditions, uninitialized memory in the JavaScript Engine componentEPSS 0.4%CVE-2026-20962MEDIUMDynamic Root of Trust for Measurement (DRTM) Information Disclosure VulnerabilityEPSS 0.4%CVE-2026-26175MEDIUMWindows Boot Manager Security Feature Bypass VulnerabilityEPSS 0.4%CVE-2026-42969MEDIUMWindows Push Notification Information Disclosure VulnerabilityEPSS 0.4%CVE-2024-8654MEDIUMMongoDB Server may access non-initialized region of memory leading to unexpected behaviourEPSS 0.4%CVE-2024-13164HIGHAn uninitialized resource in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a locaEPSS 0.4%CVE-2024-3862MEDIUMThe MarkStack assignment operator, part of the JavaScript engine, could access uninitialized memory if it were used in a self-assignment. ThEPSS 0.4%CVE-2025-27796MEDIUMReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory iEPSS 0.4%