Total
388 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-0452 | 1 Google | 1 Android | 2024-08-03 | 4.4 Medium |
In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175117261 | ||||
CVE-2021-0435 | 1 Google | 1 Android | 2024-08-03 | 7.5 High |
In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174150451 | ||||
CVE-2021-0453 | 1 Google | 1 Android | 2024-08-03 | 4.4 Medium |
In the Titan-M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175117199 | ||||
CVE-2021-0423 | 2 Google, Mediatek | 54 Android, Mt6580, Mt6582 90 and 51 more | 2024-08-03 | 5.5 Medium |
In memory management driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05385714. | ||||
CVE-2021-0450 | 1 Google | 1 Android | 2024-08-03 | 4.4 Medium |
In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175117880 | ||||
CVE-2021-0449 | 1 Google | 1 Android | 2024-08-03 | 4.4 Medium |
In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175117965 | ||||
CVE-2021-0145 | 2 Intel, Netapp | 121 Celeron 6305, Celeron 6305e, Celeron 6600he and 118 more | 2024-08-03 | 5.5 Medium |
Improper initialization of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||||
CVE-2021-0119 | 2 Intel, Netapp | 1360 Atom C3308, Atom C3308 Firmware, Atom C3336 and 1357 more | 2024-08-03 | 6.2 Medium |
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access. | ||||
CVE-2021-0125 | 2 Intel, Netapp | 1360 Atom C3308, Atom C3308 Firmware, Atom C3336 and 1357 more | 2024-08-03 | 6.6 Medium |
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access. | ||||
CVE-2021-0120 | 2 Intel, Microsoft | 2 Graphics Driver, Windows 10 | 2024-08-03 | 5.5 Medium |
Improper initialization in the installer for some Intel(R) Graphics DCH Drivers for Windows 10 before version 27.20.100.9316 may allow an authenticated user to potentially enable denial of service via local access. | ||||
CVE-2021-0061 | 2 Intel, Microsoft | 2 Graphics Drivers, Windows | 2024-08-03 | 7.8 High |
Improper initialization in some Intel(R) Graphics Driver before version 27.20.100.9030 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
CVE-2021-0095 | 1 Intel | 539 Bios, Core I3-l13g4, Core I5-l16g7 and 536 more | 2024-08-03 | 4.4 Medium |
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access. | ||||
CVE-2021-0053 | 1 Intel | 30 7265, 7265 Firmware, Ac1550 and 27 more | 2024-08-03 | 5.7 Medium |
Improper initialization in firmware for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi in Windows 10 may allow an authenticated user to potentially enable information disclosure via adjacent access. | ||||
CVE-2022-48518 | 1 Huawei | 2 Emui, Harmonyos | 2024-08-03 | 5.5 Medium |
Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the startup trustlist, which affects system performance. | ||||
CVE-2022-48352 | 1 Huawei | 2 Emui, Harmonyos | 2024-08-03 | 7.5 High |
Some smartphones have data initialization issues. Successful exploitation of this vulnerability may cause a system panic. | ||||
CVE-2022-46487 | 1 Scontain | 1 Scone | 2024-08-03 | 7.8 High |
Improper initialization of x87 and SSE floating-point configuration registers in the __scone_entry component of SCONE before 5.8.0 for Intel SGX allows a local attacker to compromise the execution integrity of floating-point operations in an enclave or access sensitive information via side-channel analysis. | ||||
CVE-2022-46505 | 1 Matrixssl | 1 Matrixssl | 2024-08-03 | 7.5 High |
An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data. | ||||
CVE-2022-46164 | 1 Nodebb | 1 Nodebb | 2024-08-03 | 9.4 Critical |
NodeBB is an open source Node.js based forum software. Due to a plain object with a prototype being used in socket.io message handling a specially crafted payload can be used to impersonate other users and takeover accounts. This vulnerability has been patched in version 2.6.1. Users are advised to upgrade. Users unable to upgrade may cherry-pick commit `48d143921753914da45926cca6370a92ed0c46b8` into their codebase to patch the exploit. | ||||
CVE-2022-43468 | 1 Wordpress Popular Posts Project | 1 Wordpress Popular Posts | 2024-08-03 | 7.5 High |
External initialization of trusted variables or data stores vulnerability exists in WordPress Popular Posts 6.0.5 and earlier, therefore the vulnerable product accepts untrusted external inputs to update certain internal variables. As a result, the number of views for an article may be manipulated through a crafted input. | ||||
CVE-2022-40768 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2024-08-03 | 5.5 Medium |
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case. |