Total
224 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-50088 | 1 Linux | 1 Linux Kernel | 2024-11-01 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: btrfs: fix uninitialized pointer free in add_inode_ref() The add_inode_ref() function does not initialize the "name" struct when it is declared. If any of the following calls to "read_one_inode() returns NULL, dir = read_one_inode(root, parent_objectid); if (!dir) { ret = -ENOENT; goto out; } inode = read_one_inode(root, inode_objectid); if (!inode) { ret = -EIO; goto out; } then "name.name" would be freed on "out" before being initialized. out: ... kfree(name.name); This issue was reported by Coverity with CID 1526744. | |||||
| CVE-2021-47602 | 1 Linux | 1 Linux Kernel | 2024-10-31 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: mac80211: track only QoS data frames for admission control For admission control, obviously all of that only works for QoS data frames, otherwise we cannot even access the QoS field in the header. Syzbot reported (see below) an uninitialized value here due to a status of a non-QoS nullfunc packet, which isn't even long enough to contain the QoS header. Fix this to only do anything for QoS data packets. | |||||
| CVE-2024-50087 | 1 Linux | 1 Linux Kernel | 2024-10-30 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: btrfs: fix uninitialized pointer free on read_alloc_one_name() error The function read_alloc_one_name() does not initialize the name field of the passed fscrypt_str struct if kmalloc fails to allocate the corresponding buffer. Thus, it is not guaranteed that fscrypt_str.name is initialized when freeing it. This is a follow-up to the linked patch that fixes the remaining instances of the bug introduced by commit e43eec81c516 ("btrfs: use struct qstr instead of name and namelen pairs"). | |||||
| CVE-2014-1564 | 2 Mozilla, Opensuse | 4 Firefox, Thunderbird, Evergreen and 1 more | 2024-10-21 | 4.3 MEDIUM | N/A |
| Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated with a malformed GIF image. | |||||
| CVE-2024-47411 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-10-10 | N/A | 7.8 HIGH |
| Animate versions 23.0.7, 24.0.4 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-24925 | 1 Siemens | 1 Simcenter Femap | 2024-10-03 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted Catia MODEL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-22060) | |||||
| CVE-2024-46844 | 1 Linux | 1 Linux Kernel | 2024-10-02 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: um: line: always fill *error_out in setup_one_line() The pointer isn't initialized by callers, but I have encountered cases where it's still printed; initialize it in all possible cases in setup_one_line(). | |||||
| CVE-2022-33280 | 1 Qualcomm | 124 Apq8096au, Apq8096au Firmware, Ar8031 and 121 more | 2024-04-12 | N/A | 8.8 HIGH |
| Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP packet. | |||||
| CVE-2021-29095 | 1 Esri | 1 Arcgis Server | 2024-02-23 | 6.0 MEDIUM | 6.8 MEDIUM |
| Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account. | |||||
| CVE-2003-1201 | 1 Openldap | 1 Openldap | 2024-02-13 | 5.0 MEDIUM | N/A |
| ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the slap_passwd_parse function does not return LDAP_SUCCESS, attempts to free an uninitialized pointer, which allows remote attackers to cause a denial of service (segmentation fault). | |||||
| CVE-2006-6143 | 2 Canonical, Mit | 2 Ubuntu Linux, Kerberos 5 | 2024-02-09 | 9.3 HIGH | N/A |
| The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2009-0040 | 6 Apple, Debian, Fedoraproject and 3 more | 9 Iphone Os, Mac Os X, Debian Linux and 6 more | 2024-02-09 | 6.8 MEDIUM | N/A |
| The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables. | |||||
| CVE-2007-4000 | 2 Fedoraproject, Mit | 2 Fedora, Kerberos 5 | 2024-02-09 | 8.5 HIGH | N/A |
| The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer. | |||||
| CVE-2007-4682 | 1 Apple | 1 Mac Os X | 2024-02-09 | 6.8 MEDIUM | N/A |
| CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted text content that triggers an access of an uninitialized object pointer. | |||||
| CVE-2007-2442 | 3 Canonical, Debian, Mit | 3 Ubuntu Linux, Debian Linux, Kerberos 5 | 2024-02-09 | 10.0 HIGH | N/A |
| The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup. | |||||
| CVE-2006-4175 | 1 Sun | 2 Java System Directory Server, One Directory Server | 2024-02-09 | 7.8 HIGH | N/A |
| The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE Directory Server 5.1 and 5.2 allows remote attackers to cause a denial of service (crash) via malformed queries, probably malformed BER queries, which trigger a free of uninitialized memory locations. | |||||
| CVE-2007-1213 | 1 Microsoft | 1 Windows 2000 | 2024-02-09 | 7.2 HIGH | N/A |
| The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges via crafted TrueType fonts, which result in an uninitialized function pointer. | |||||
| CVE-2007-4639 | 1 Enterprisedb | 1 Postgres Advanced Server | 2024-02-09 | 6.5 MEDIUM | N/A |
| EnterpriseDB Advanced Server 8.2 does not properly handle certain debugging function calls that occur before a call to pldbg_create_listener, which allows remote authenticated users to cause a denial of service (daemon crash) and possibly execute arbitrary code via a SELECT statement that invokes a pldbg_ function, as demonstrated by (1) pldbg_get_stack and (2) pldbg_abort_target, which triggers use of an uninitialized pointer. | |||||
| CVE-2009-1415 | 1 Gnu | 1 Gnutls | 2024-02-09 | 4.3 MEDIUM | N/A |
| lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA signatures, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a malformed DSA key that triggers a (1) free of an uninitialized pointer or (2) double free. | |||||
| CVE-2009-2768 | 1 Linux | 1 Linux Kernel | 2024-02-09 | 7.2 HIGH | 7.8 HIGH |
| The load_flat_shared_library function in fs/binfmt_flat.c in the flat subsystem in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by executing a shared flat binary, which triggers an access of an "uninitialized cred pointer." | |||||