CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2022-05-02
Medium
CVE-2022-29968

Vendor: Linux
Software: Linux kernel
 

 
An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private.

 
2022-02-04
Low
CVE-2021-40403

Vendor: Gerbv project
Software: Gerbv
 

 
An information disclosure vulnerability exists in the pick-and-place rotation parsing functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.8.0. A specially-crafted pick-and-place file can exploit the missing initialization of a structure to leak memory contents. An attacker can provide a malicious file to trigger this vulnerability.

 
Low
CVE-2022-24448

Vendor: Linux
Software: Linux kernel
 

 
An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.

 
2021-12-15
Low
CVE-2021-0961

Vendor: Google
Software: Android
 

 
In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196046570References: Upstream kernel

 
Low
CVE-2021-39636

Vendor: Google
Software: Android
 

 
In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel information due to uninitialized data. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-120612905References: Upstream kernel

 
2021-10-28
Medium
CVE-2021-22482

Vendor: Huawei
Software: EMUI
 

 
There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of invalid data.

 
2021-10-18
Medium
CVE-2021-36513

Vendor: Signalwire
Software: Freeswitch
 

 
An issue was discovered in function sofia_handle_sip_i_notify in sofia.c in SignalWire freeswitch before 1.10.6, may allow attackers to view sensitive information due to an uninitialized value.

 
2021-09-27
Low
CVE-2021-0423

Updating...
 

 
In memory management driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05385714.

 
2021-08-17
Medium
CVE-2021-29980

Vendor: Mozilla
Software: Firefox
 

 
Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.

 
2021-06-24
Medium
CVE-2021-23994

Vendor: Mozilla
Software: Firefox
 

 
A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

 

 


Copyright 2022, cxsecurity.com

 

Back to Top