Search
Search Results (833 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-10811 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-11-21 | 7.5 High |
| strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable. | ||||
| CVE-2017-7777 | 3 Mozilla, Redhat, Sil | 3 Firefox, Enterprise Linux, Graphite2 | 2024-11-21 | N/A |
| Use of uninitialized memory in Graphite2 library in Firefox before 54 in graphite2::GlyphCache::Loader::read_glyph function. | ||||
| CVE-2012-5663 | 1 Openbsd | 1 Textproc\/isearch | 2024-11-21 | 7.5 High |
| The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create insecure temporary files into a publicly-writable area (/tmp). | ||||
| CVE-2024-33021 | 1 Qualcomm | 279 Ar8035, Ar8035 Firmware, Csra6620 and 276 more | 2024-11-20 | 8.4 High |
| Memory corruption while processing IOCTL call to set metainfo. | ||||
| CVE-2022-48993 | 2024-10-23 | 0.0 Low | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2024-47966 | 2 Delta Electronics, Deltaww | 2 Cncsoft-g2, Cncsoft-g2 | 2024-10-17 | 7.8 High |
| Delta Electronics CNCSoft-G2 lacks proper initialization of memory prior to accessing it. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2024-45445 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-06 | 4 Medium |
| Vulnerability of resources not being closed or released in the keystore module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2024-7540 | 1 Ofono Project | 1 Ofono | 2024-08-29 | 3.3 Low |
| oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of responses from AT+CMGL commands. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-23307. | ||||
| CVE-2024-7541 | 1 Ofono Project | 1 Ofono | 2024-08-29 | 3.3 Low |
| oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of responses from AT+CMT commands. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-23308. | ||||
| CVE-2024-7542 | 2 Ofono, Ofono Project | 2 Ofono, Ofono | 2024-08-29 | 3.3 Low |
| oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of responses from AT+CMGR commands. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-23309. | ||||
| CVE-2024-6990 | 1 Google | 1 Chrome | 2024-08-16 | 8.8 High |
| Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2024-7529 | 2 Mozilla, Redhat | 9 Firefox, Firefox Esr, Thunderbird and 6 more | 2024-08-12 | 8.1 High |
| The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. | ||||
| CVE-2017-10988 | 2023-11-07 | N/A | ||
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | ||||