CWE-665(Improper Initialization)は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。
The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.
| 種別 | 名称 | クラス | 普遍性 | OS / CPE |
|---|---|---|---|---|
| language | — | Not Language-Specific | Undetermined | — |
これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。
| CVE | 公開 | 概要 |
|---|---|---|
| CVE-2026-12539 | 2026-06-18 | Docker Sandboxes (sbx) blocks ICMP egress with an authorizer applied only at network-creation time, and does not re-apply it to networks rebuilt from disk when the Docker daemon restarts, so a restart… |
| CVE-2025-35991 | 2026-05-12 | Improper initialization in the UEFI firmware for some Intel platforms within Ring 0: Bare Metal OS may allow an information disclosure. System software adversary with a privileged user combined with a… |
| CVE-2026-34553 | 2026-03-31 | iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a defect in LUT dump/iteration logic affecting CIccCLUT::Iterate() and o… |
| CVE-2026-0940 | 2026-03-11 | A potential improper initialization vulnerability was reported in the BIOS of some ThinkPads that could allow a local privileged user to modify data and execute arbitrary code. |
| CVE-2025-66363 | 2026-03-03 | An issue was discovered in LBS in Samsung Mobile Processor Exynos 2200. There was no check for memory initialization within DL NAS Transport messages. |
| CVE-2026-26958 | 2026-02-19 | filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid re… |
| CVE-2025-48509 | 2026-02-10 | Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory … |
| CVE-2025-25058 | 2026-02-10 | Improper initialization for some ESXi kernel mode driver for the Intel(R) Ethernet 800-Series before version 2.2.2.0 (esxi 8.0) & 2.2.3.0 (esxi 9.0) within Ring 1: Device Drivers may allow an info… |
| CVE-2026-23553 | 2026-01-28 | In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents … |
| CVE-2026-21913 | 2026-01-15 | An Incorrect Initialization of Resource vulnerability in the Internal Device Manager (IDM) of Juniper Networks Junos OS on EX4000 models allows an unauthenticated, network-based attacker to cause a De… |
| CVE-2025-14955 | 2025-12-19 | A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ogs_pfcp_handle_create_pdr in the library lib/pfcp/handler.c of the component PFCP. The manipulation re… |
| CVE-2025-12902 | 2025-11-07 | Improper resource management in firmware of some Solidigm DC Products may allow an attacker with local or physical access to gain un-authorized access to a locked Storage Device or create a Denial of … |
| CVE-2025-55118 | 2025-09-16 | Memory corruptions can be remotely triggered in the Control-M/Agent when SSL/TLS communication is configured. The issue occurs in the following cases: * Control-M/Agent 9.0.20: SSL/TLS configura… |
| CVE-2024-36331 | 2025-09-06 | Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. |
| CVE-2025-24511 | 2025-08-12 | Improper initialization in the Linux kernel-mode driver for some Intel(R) I350 Series Ethernet before version 5.19.2 may allow an authenticated user to potentially enable Information disclosure via da… |
| CVE-2025-22834 | 2025-08-12 | AMI APTIOV contains a vulnerability in BIOS where a user may cause “Improper Initialization” by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected s… |
| CVE-2025-5745 | 2025-06-05 | The strncmp implementation optimized for the Power10 processor in the GNU C Library version 2.40 and later writes to vector registers v20 to v31 without saving contents from the caller (those register… |
| CVE-2025-5702 | 2025-06-05 | The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers… |
| CVE-2025-21100 | 2025-05-13 | Improper initialization in the UEFI firmware for the Intel(R) Server D50DNP and M50FCP boards may allow a privileged user to potentially enable information disclosure via local access. |
| CVE-2025-46553 | 2025-05-05 | @misskey-dev/summaly is a tool for getting a summary of a web page. Starting in version 3.0.1 and prior to version 5.2.1, a logic error in the main `summaly` function causes the `allowRedirects` optio… |
| 日付 | 名称 | バージョン | 重要度 | コメント |
|---|---|---|---|---|
| 2008-07-01 | Sean Eidemiller | 1.0 | — | added/updated demonstrative examples |
| 2008-07-01 | Eric Dalci | 1.0 | — | updated Potential_Mitigations, Time_of_Introduction |
| 2008-09-08 | CWE Content Team | 1.0 | — | updated Relationships, Taxonomy_Mappings |
| 2008-11-24 | CWE Content Team | 1.1 | — | updated Relationships, Taxonomy_Mappings |
| 2009-01-12 | CWE Content Team | 1.2 | — | updated Common_Consequences, Demonstrative_Examples, Description, Likelihood_of_Exploit, Modes_of_Introduction, Name, Observed_Examples, Potential_Mitigations, References, Relationships, Weakness_Ordinalities |
| 2009-03-10 | CWE Content Team | 1.3 | — | updated Potential_Mitigations |
| 2009-05-27 | CWE Content Team | 1.4 | — | updated Description, Relationships |
| 2009-07-27 | CWE Content Team | 1.5 | — | updated Related_Attack_Patterns |
| 2009-10-29 | CWE Content Team | 1.6 | — | updated Common_Consequences |
| 2010-02-16 | CWE Content Team | 1.8 | — | updated Potential_Mitigations |
| 2010-04-05 | CWE Content Team | 1.8.1 | — | updated Applicable_Platforms |
| 2010-06-21 | CWE Content Team | 1.9 | — | updated Detection_Factors, Potential_Mitigations |
| 2010-09-27 | CWE Content Team | 1.10 | — | updated Observed_Examples |
| 2011-06-01 | CWE Content Team | 1.13 | — | updated Common_Consequences, Relationships, Taxonomy_Mappings |
| 2011-09-13 | CWE Content Team | 2.1 | — | updated Relationships, Taxonomy_Mappings |
| 2012-05-11 | CWE Content Team | 2.2 | — | updated Demonstrative_Examples, References, Relationships, Taxonomy_Mappings |
| 2013-02-21 | CWE Content Team | 2.4 | — | updated Demonstrative_Examples, Relationships |
| 2014-07-30 | CWE Content Team | 2.8 | — | updated Relationships, Taxonomy_Mappings |
| 2015-12-07 | CWE Content Team | 2.9 | — | updated Relationships |
| 2017-01-19 | CWE Content Team | 2.10 | — | updated Type |
| 2017-11-08 | CWE Content Team | 3.0 | — | updated References, Taxonomy_Mappings |
| 2019-01-03 | CWE Content Team | 3.2 | — | updated Related_Attack_Patterns, Relationships, Taxonomy_Mappings |
| 2019-06-20 | CWE Content Team | 3.3 | — | updated Relationships |
| 2020-02-24 | CWE Content Team | 4.0 | — | updated Relationships |
| 2020-06-25 | CWE Content Team | 4.1 | — | updated Relationships |
| 2020-08-20 | CWE Content Team | 4.2 | — | updated Relationships |
| 2020-12-10 | CWE Content Team | 4.3 | — | updated Relationships |
| 2021-03-15 | CWE Content Team | 4.4 | — | updated Observed_Examples |
| 2023-01-31 | CWE Content Team | 4.10 | — | updated Description, Potential_Mitigations, Relationships |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated Detection_Factors, References, Relationships |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |
| 2023-10-26 | CWE Content Team | 4.13 | — | updated Relationships |
| 2024-02-29 | CWE Content Team | 4.14 | — | updated Mapping_Notes |
| 2025-09-09 | CWE Content Team | 4.18 | — | updated References, Relationships |
| 2025-12-11 | CWE Content Team | 4.19 | — | updated Observed_Examples |
| 2026-04-30 | CWE Content Team | 4.20 | — | updated Potential_Mitigations |