1. Home
  2. Weaknesses
  3. CWE-456

CWE-456: Missing Initialization of a Variable

ID CWE-456
Abstraction Variant
Structure Simple
Status Draft
Number of CVEs 6
Detail Dashboard Vulnerabilities Web & Social
The product does not initialize critical variables, which causes the execution environment to use unexpected values.

Modes of Introduction

Phase Note
Implementation

Applicable Platforms

Type Class Name Prevalence
Language Not Language-Specific

Relationships

View Weakness
# ID View Status # ID Name Abstraction Structure Status
CWE-1000 Research Concepts Draft CWE-909 Missing Initialization of Resource Class Simple Incomplete
CWE-1305 CISQ Quality Measures (2020) Incomplete CWE-665 Improper Initialization Class Simple Draft
CWE-1340 CISQ Data Protection Measures Incomplete CWE-665 Improper Initialization Class Simple Draft
CWE-1000 Research Concepts Draft CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Base Simple Stable
CWE-1000 Research Concepts Draft CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Base Simple Incomplete
CWE-1000 Research Concepts Draft CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') Variant Simple Draft
CWE-1000 Research Concepts Draft CWE-457 Use of Uninitialized Variable Variant Simple Draft

CVEs Published

Based on CVE published date

CVSS Severity

CVSS Severity - By Year

CVSS Base Score

# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date