VYPR

CWE-908

Use of Uninitialized Resource

BaseIncompleteLikelihood: Medium

Description

The product uses or accesses a resource that has not been initialized.

When a resource has not been properly initialized, the product may behave unexpectedly. This may lead to a crash or invalid memory access, but the consequences vary depending on the type of resource and how it is used within the product.

Hierarchy (View 1000)

Parents

Children

CVEs mapped to this weakness (209)

page 11 of 11
  • CVE-2020-35888Dec 31, 2020
    risk 0.00cvss epss 0.02

    An issue was discovered in the arr crate through 2020-08-25 for Rust. Uninitialized memory is dropped by Array::new_from_template.

  • CVE-2020-26266Dec 10, 2020
    risk 0.00cvss epss 0.00

    In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating…

  • CVE-2020-26271Dec 10, 2020
    risk 0.00cvss epss 0.00

    In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge between one output tensor of the src node (given by output_index) and the input…

  • CVE-2020-15193Sep 25, 2020
    risk 0.00cvss epss 0.01

    In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of `dlpack.to_dlpack` can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing…

  • CVE-2019-16144Sep 9, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in the generator crate before 0.6.18 for Rust. Uninitialized memory is used by Scope, done, and yield_ during API calls.

  • CVE-2019-15553Aug 26, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in the memoffset crate before 0.5.0 for Rust. offset_of and span_of can cause exposure of uninitialized memory.

  • CVE-2018-20992Aug 26, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the claxon crate before 0.4.1 for Rust. Uninitialized memory can be exposed because certain decode buffer sizes are mishandled.

  • CVE-2018-11383MedMay 22, 2018
    risk 0.00cvss 5.5epss 0.01

    The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c.

  • CVE-2015-3414Apr 24, 2015
    risk 0.00cvss epss 0.05

    SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE…