Skip to main content

CWE-1187

DEPRECATED: Use of Uninitialized Resource

2 CVEs Avg CVSS 7.7 MITRE
1
CRITICAL
0
HIGH
1
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2019-2323 CRITICAL PATCH Act Now

Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Qualcomm Information Disclosure Mdm9150 Firmware Mdm9206 Firmware Mdm9607 Firmware +38
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2017-8891 MEDIUM PATCH This Month

Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Lepton
NVD GitHub
CVSS 3.0
5.5
EPSS
0.2%
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Qualcomm Information Disclosure Mdm9150 Firmware +40
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Lepton
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy