CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2020-12-09
Low
CVE-2020-26957

Vendor: Mozilla
Software: Firefox
 

 
OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83.

 
2020-12-08
Medium
CVE-2020-27950

Vendor: Apple
Software: Ipados
 

 
A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to disclose kernel memory.

 
2020-11-12
Medium
CVE-2020-12336

Updating...
 

 
Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.

 
Medium
CVE-2020-8744

Vendor: Intel
Software: Converged se...
 

 
Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 4.0.30 Intel(R) SPS versions before E3_05.01.04.200 may allow a privileged user to potentially enable escalation of privilege via local access.

 
2020-11-10
Medium
CVE-2020-0438

Vendor: Google
Software: Android
 

 
In the AIBinder_Class constructor of ibinder.cpp, there is a possible arbitrary code execution due to uninitialized data. This could lead to local escalation of privilege if a process were using libbinder_ndk in a vulnerable way with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-161812320

 
Low
CVE-2020-0450

Vendor: Google
Software: Android
 

 
In rw_i93_sm_format of rw_i93.cc, there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-157650336

 
2020-11-03
Low
CVE-2020-15989

Vendor: Google
Software: Chrome
 

 
Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.

 
2020-10-22
High
CVE-2020-9863

Vendor: Apple
Software: Ipad os
 

 
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. An application may be able to execute arbitrary code with kernel privileges.

 
2020-10-16
Low
CVE-2020-16901

Vendor: Microsoft
Software: Windows 10
 

 
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-16938.

 
Medium
CVE-2020-9964

Vendor: Apple
Software: Ipad os
 

 
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 14.0 and iPadOS 14.0. A local user may be able to read kernel memory.

 

 


Copyright 2021, cxsecurity.com

 

Back to Top