Total
446 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-20176 | 1 Google | 1 Android | 2024-08-03 | 4.4 Medium |
| In auth_store of sjtag-driver.c, there is a possible read of uninitialized memory due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-197787879References: N/A | ||||
| CVE-2022-20119 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In private_handle_t of mali_gralloc_buffer.h, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-213170715References: N/A | ||||
| CVE-2022-20096 | 2 Google, Mediatek | 13 Android, Mt6765, Mt6768 and 10 more | 2024-08-03 | 4.4 Medium |
| In camera, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06419003; Issue ID: ALPS06419003. | ||||
| CVE-2022-20079 | 2 Google, Mediatek | 17 Android, Mt6781, Mt6785 and 14 more | 2024-08-03 | 4.4 Medium |
| In vow, there is a possible read of uninitialized data due to a improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05837742; Issue ID: ALPS05857289. | ||||
| CVE-2022-20018 | 2 Google, Mediatek | 33 Android, Mt6580, Mt6739 and 30 more | 2024-08-03 | 4.4 Medium |
| In seninf driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05863018; Issue ID: ALPS05863018. | ||||
| CVE-2022-20015 | 2 Google, Mediatek | 25 Android, Mt6739, Mt6757 and 22 more | 2024-08-03 | 4.4 Medium |
| In kd_camera_hw driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862966; Issue ID: ALPS05862966. | ||||
| CVE-2022-20008 | 1 Google | 1 Android | 2024-08-03 | 4.6 Medium |
| In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216481035References: Upstream kernel | ||||
| CVE-2022-2949 | 1 Altair | 1 Hyperview Player | 2024-08-03 | 7.8 High |
| Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption. | ||||
| CVE-2022-2950 | 1 Altair | 1 Hyperview Player | 2024-08-03 | 7.8 High |
| Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption. | ||||
| CVE-2022-2308 | 1 Linux | 1 Linux Kernel | 2024-08-03 | 6.5 Medium |
| A flaw was found in vDPA with VDUSE backend. There are currently no checks in VDUSE kernel driver to ensure the size of the device config space is in line with the features advertised by the VDUSE userspace application. In case of a mismatch, Virtio drivers config read helpers do not initialize the memory indirectly passed to vduse_vdpa_get_config() returning uninitialized memory from the stack. This could cause undefined behavior or data leaks in Virtio drivers. | ||||
| CVE-2022-0494 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2024-08-02 | 4.4 Medium |
| A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality. | ||||
| CVE-2022-0433 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2024-08-02 | 5.5 Medium |
| A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the map_get_next_key function of the BPF bloom filter. This flaw allows a local user to crash the system. This flaw affects Linux kernel versions prior to 5.17-rc1. | ||||
| CVE-2022-0115 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-02 | 8.8 High |
| Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | ||||
| CVE-2023-42797 | 1 Siemens | 4 Sicam A8000 Cp-8031, Sicam A8000 Cp-8031 Firmware, Sicam A8000 Cp-8050 and 1 more | 2024-08-02 | 6.6 Medium |
| A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.20), CP-8050 MASTER MODULE (All versions < CPCI85 V05.20). The network configuration service of affected devices contains a flaw in the conversion of ipv4 addresses that could lead to an uninitialized variable being used in succeeding validation steps. By uploading specially crafted network configuration, an authenticated remote attacker could be able to inject commands that are executed on the device with root privileges during device startup. | ||||
| CVE-2023-38140 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2024-08-02 | 5.5 Medium |
| Windows Kernel Information Disclosure Vulnerability | ||||
| CVE-2023-38151 | 1 Microsoft | 3 Azure Host Integration Server 2020, Host Integration Server, Ole Db Provider | 2024-08-02 | 8.8 High |
| Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability | ||||
| CVE-2023-36913 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-08-02 | 6.5 Medium |
| Microsoft Message Queuing Information Disclosure Vulnerability | ||||
| CVE-2023-36704 | 1 Microsoft | 2 Windows 10 1809, Windows Server 2019 | 2024-08-02 | 7.8 High |
| Windows Setup Files Cleanup Remote Code Execution Vulnerability | ||||
| CVE-2023-36713 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2024-08-02 | 5.5 Medium |
| Windows Common Log File System Driver Information Disclosure Vulnerability | ||||
| CVE-2023-36567 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2024-08-02 | 7.5 High |
| Windows Deployment Services Information Disclosure Vulnerability | ||||