Total
446 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-13135 | 5 Canonical, Debian, F5 and 2 more | 6 Ubuntu Linux, Debian Linux, Big-ip Application Acceleration Manager and 3 more | 2024-08-04 | 8.8 High |
| ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. | ||||
| CVE-2019-12730 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-04 | N/A |
| aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables. | ||||
| CVE-2019-11833 | 5 Canonical, Debian, Fedoraproject and 2 more | 16 Ubuntu Linux, Debian Linux, Fedora and 13 more | 2024-08-04 | 5.5 Medium |
| fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. | ||||
| CVE-2019-11750 | 2 Mozilla, Redhat | 3 Firefox, Firefox Esr, Enterprise Linux | 2024-08-04 | 6.5 Medium |
| A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1. | ||||
| CVE-2019-11694 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2024-08-04 | N/A |
| A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7. | ||||
| CVE-2019-11459 | 6 Canonical, Debian, Fedoraproject and 3 more | 9 Ubuntu Linux, Debian Linux, Fedora and 6 more | 2024-08-04 | 5.5 Medium |
| The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files. | ||||
| CVE-2019-11323 | 1 Haproxy | 1 Haproxy | 2024-08-04 | 5.9 Medium |
| HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC keys. This is related to an include/types/ssl_sock.h error. | ||||
| CVE-2019-10541 | 1 Qualcomm | 72 Mdm9206, Mdm9206 Firmware, Mdm9607 and 69 more | 2024-08-04 | 9.8 Critical |
| Dereference on uninitialized buffer can happen when parsing FLV clip with corrupted codec specific data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20 | ||||
| CVE-2019-9805 | 1 Mozilla | 1 Firefox | 2024-08-04 | 9.8 Critical |
| A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential memory corruption. This vulnerability affects Firefox < 66. | ||||
| CVE-2019-9824 | 2 Qemu, Redhat | 4 Qemu, Enterprise Linux, Openstack and 1 more | 2024-08-04 | N/A |
| tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. | ||||
| CVE-2019-9641 | 5 Canonical, Debian, Netapp and 2 more | 5 Ubuntu Linux, Debian Linux, Storage Automation Store and 2 more | 2024-08-04 | 9.8 Critical |
| An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF. | ||||
| CVE-2019-9639 | 6 Canonical, Debian, Netapp and 3 more | 8 Ubuntu Linux, Debian Linux, Storage Automation Store and 5 more | 2024-08-04 | 7.5 High |
| An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable. | ||||
| CVE-2019-9578 | 1 Yubico | 1 Libu2f-host | 2024-08-04 | N/A |
| In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device. | ||||
| CVE-2019-9337 | 1 Google | 1 Android | 2024-08-04 | 6.5 Medium |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204376 | ||||
| CVE-2019-9410 | 1 Google | 1 Android | 2024-08-04 | 6.5 Medium |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204443 | ||||
| CVE-2019-9411 | 1 Google | 1 Android | 2024-08-04 | 6.5 Medium |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204845 | ||||
| CVE-2019-9415 | 1 Google | 1 Android | 2024-08-04 | 6.5 Medium |
| In libstagefright there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111805098 | ||||
| CVE-2019-9409 | 1 Google | 1 Android | 2024-08-04 | 6.5 Medium |
| In libhevc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112272091 | ||||
| CVE-2019-9369 | 1 Google | 1 Android | 2024-08-04 | 5.5 Medium |
| In Bluetooth, there is a use of uninitialized variable. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79995407 | ||||
| CVE-2019-9391 | 1 Google | 1 Android | 2024-08-04 | 6.5 Medium |
| In libxaac, there is a possible out of bounds read due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111050781 | ||||