Common Weakness Enumeration

CWE-824

Allowed

Access of Uninitialized Pointer

Abstraction: Base · Status: Incomplete

The product accesses or uses a pointer that has not been initialized.

451 vulnerabilities reference this CWE, most recent first.

GHSA-MV6Q-6XX6-CMH5

Vulnerability from github – Published: 2023-11-16 18:30 – Updated: 2023-11-16 18:30
VLAI
Details

Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-47053"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-16T16:15:33Z",
    "severity": "MODERATE"
  },
  "details": "Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
  "id": "GHSA-mv6q-6xx6-cmh5",
  "modified": "2023-11-16T18:30:31Z",
  "published": "2023-11-16T18:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47053"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/audition/apsb23-64.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MW5R-WQ2M-397C

Vulnerability from github – Published: 2026-07-01 17:45 – Updated: 2026-07-01 17:45
VLAI
Summary
Open Babel has uninitialized pointer dereference in GRO residue parser
Details

Summary

A memory-safety vulnerability in Open Babel's GRO parser caused an uninitialized pointer dereference when reading a crafted input file.

Details

The flaw was in the residue handling of the GRO reader. A malformed record caused the parser to use a residue pointer that had never been initialized.

Impact

Open Babel is a C++ library and CLI used to read and write chemistry file formats; it is shipped by Linux distributions and embedded in services that may parse untrusted input. Triggering this vulnerability requires the victim to open a malicious GRO file with the obabel tool, the OBConversion API, or any of the language bindings (Python, Ruby, Java, R, Perl, C#, PHP).

Affected versions

All releases up to and including 3.1.1.

Patched version

3.2.0 (released 2026-05-26).

Patch

Fix commit: https://github.com/openbabel/openbabel/commit/fa9a2d9a

A minimized reproducer for this CVE is checked in under test/files/fuzz_regress/ and is exercised on every CI build under ASAN+UBSAN by the fuzzregresstest harness.

Credit

Reported by Cisco TALOS.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "openbabel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.2.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-42885"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-07-01T17:45:46Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "### Summary\n\nA memory-safety vulnerability in Open Babel\u0027s GRO parser caused an\nuninitialized pointer dereference when reading a crafted input file.\n\n### Details\n\nThe flaw was in the residue handling of the GRO reader. A malformed\nrecord caused the parser to use a residue pointer that had never been\ninitialized.\n\n### Impact\n\nOpen Babel is a C++ library and CLI used to read and write chemistry\nfile formats; it is shipped by Linux distributions and embedded in\nservices that may parse untrusted input. Triggering this vulnerability\nrequires the victim to open a malicious GRO file with the `obabel`\ntool, the `OBConversion` API, or any of the language bindings (Python,\nRuby, Java, R, Perl, C#, PHP).\n\n### Affected versions\n\nAll releases up to and including 3.1.1.\n\n### Patched version\n\n3.2.0 (released 2026-05-26).\n\n### Patch\n\nFix commit: https://github.com/openbabel/openbabel/commit/fa9a2d9a\n\nA minimized reproducer for this CVE is checked in under\n`test/files/fuzz_regress/` and is exercised on every CI build under\nASAN+UBSAN by the `fuzzregresstest` harness.\n\n### Credit\n\nReported by Cisco TALOS.",
  "id": "GHSA-mw5r-wq2m-397c",
  "modified": "2026-07-01T17:45:47Z",
  "published": "2026-07-01T17:45:46Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openbabel/openbabel/security/advisories/GHSA-mw5r-wq2m-397c"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42885"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openbabel/openbabel/commit/fa9a2d9a2eb75154b7a884dfe679ff41a8f9c547"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openbabel/openbabel"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1668"
    },
    {
      "type": "WEB",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1668"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Open Babel has uninitialized pointer dereference in GRO residue parser"
}

GHSA-MWVH-C89Q-73J6

Vulnerability from github – Published: 2026-04-21 15:32 – Updated: 2026-06-30 03:36
VLAI
Details

Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-6751"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-457",
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-21T13:16:21Z",
    "severity": "HIGH"
  },
  "details": "Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10.",
  "id": "GHSA-mwvh-c89q-73j6",
  "modified": "2026-06-30T03:36:20Z",
  "published": "2026-04-21T15:32:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6751"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19464"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19465"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19466"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19467"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19468"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19469"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19542"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19655"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19704"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-6751"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2025883"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460109"
    },
    {
      "type": "WEB",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6751.json"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-30"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-32"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-33"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-34"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:10757"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:10766"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:10767"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:12285"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:13537"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:15892"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:17477"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:17687"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:17688"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:17689"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:17690"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19041"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19131"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19201"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19348"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19461"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19462"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19463"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MX89-4JM3-JMV3

Vulnerability from github – Published: 2022-05-24 19:10 – Updated: 2022-05-24 19:10
VLAI
Details

An uninitialized pointer in FATEK Automation FvDesigner, Versions 1.5.88 and prior may be exploited while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-32931"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-11T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "An uninitialized pointer in FATEK Automation FvDesigner, Versions 1.5.88 and prior may be exploited while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.",
  "id": "GHSA-mx89-4jm3-jmv3",
  "modified": "2022-05-24T19:10:42Z",
  "published": "2022-05-24T19:10:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32931"
    },
    {
      "type": "WEB",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-217-02"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1027"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1030"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-MX92-M8M9-32FQ

Vulnerability from github – Published: 2024-12-19 09:30 – Updated: 2025-01-21 21:30
VLAI
Details

An access of uninitialized pointer (CWE-824) vulnerability in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a local and authenticated attacker to crash the access point being managed by the controller by executing a crafted CLI command.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-26093"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-19T08:15:14Z",
    "severity": "HIGH"
  },
  "details": "An access of uninitialized pointer (CWE-824) vulnerability\u00a0in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a local and authenticated attacker to crash the access point\u00a0being managed by the controller by executing a crafted CLI command.",
  "id": "GHSA-mx92-m8m9-32fq",
  "modified": "2025-01-21T21:30:49Z",
  "published": "2024-12-19T09:30:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26093"
    },
    {
      "type": "WEB",
      "url": "https://fortiguard.com/psirt/FG-IR-21-002"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P48C-W36X-45WJ

Vulnerability from github – Published: 2022-05-24 17:45 – Updated: 2024-02-23 21:30
VLAI
Details

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-29095"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-03-25T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account.",
  "id": "GHSA-p48c-w36x-45wj",
  "modified": "2024-02-23T21:30:47Z",
  "published": "2022-05-24T17:45:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29095"
    },
    {
      "type": "WEB",
      "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-server-image"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P5W9-856P-8Q4G

Vulnerability from github – Published: 2021-08-25 21:00 – Updated: 2021-08-24 17:42
VLAI
Summary
Assumed memory layout of std::net::SocketAddr
Details

The socket2 crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the memory layout, and this will cause invalid memory access if the standard library changes the implementation. No warnings or errors will be emitted once the change happens.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "socket2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.3.16"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-06T17:25:39Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "The [`socket2`](https://crates.io/crates/socket2) crate has assumed `std::net::SocketAddrV4`\nand `std::net::SocketAddrV6` have the same memory layout as the system C representation\n`sockaddr`. It has simply casted the pointers to convert the socket addresses to the\nsystem representation. The standard library does not say anything about the memory\nlayout, and this will cause invalid memory access if the standard library\nchanges the implementation. No warnings or errors will be emitted once the\nchange happens.\n",
  "id": "GHSA-p5w9-856p-8q4g",
  "modified": "2021-08-24T17:42:08Z",
  "published": "2021-08-25T21:00:23Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/rust-lang/socket2-rs/issues/119"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/rust-lang/socket2-rs"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2020-0079.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Assumed memory layout of std::net::SocketAddr",
  "withdrawn": "2021-08-24T17:42:08Z"
}

GHSA-P87J-5W46-H7W5

Vulnerability from github – Published: 2023-08-10 15:30 – Updated: 2024-04-04 06:47
VLAI
Details

Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-38226"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-10T14:15:12Z",
    "severity": "HIGH"
  },
  "details": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
  "id": "GHSA-p87j-5w46-h7w5",
  "modified": "2024-04-04T06:47:28Z",
  "published": "2023-08-10T15:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38226"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P942-F2JQ-6857

Vulnerability from github – Published: 2022-09-16 00:00 – Updated: 2022-09-20 00:00
VLAI
Details

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of X_B files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17565.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-40649"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-15T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of X_B files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17565.",
  "id": "GHSA-p942-f2jq-6857",
  "modified": "2022-09-20T00:00:29Z",
  "published": "2022-09-16T00:00:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40649"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1205"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P996-826H-XHFR

Vulnerability from github – Published: 2026-01-13 21:31 – Updated: 2026-01-13 21:31
VLAI
Details

InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-21275"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-13T19:16:25Z",
    "severity": "HIGH"
  },
  "details": "InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
  "id": "GHSA-p996-826h-xhfr",
  "modified": "2026-01-13T21:31:44Z",
  "published": "2026-01-13T21:31:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21275"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/indesign/apsb26-02.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.