Total
505 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-20029 | 3 Dokan-dev, Microsoft, Nomachine | 3 Dokanfs, Windows 10, Nomachine | 2020-08-24 | 4.9 MEDIUM | 5.5 MEDIUM |
| The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows local users to cause a denial of service (BSOD) because uninitialized memory can be read. | |||||
| CVE-2019-18197 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2020-08-24 | 5.1 MEDIUM | 7.5 HIGH |
| In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed. | |||||
| CVE-2018-14551 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption. | |||||
| CVE-2018-10115 | 1 7-zip | 1 7-zip | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive. | |||||
| CVE-2019-2167 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118615501 | |||||
| CVE-2018-5160 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image object can be freed while it is still in use. This can result in the WebRTC encoder using uninitialized memory, leading to a potentially exploitable crash. This vulnerability affects Firefox < 60. | |||||
| CVE-2019-2004 | 1 Google | 1 Android | 2020-08-24 | 4.9 MEDIUM | 5.5 MEDIUM |
| In publishKeyEvent, publishMotionEvent and sendUnchainedFinishedSignal of InputTransport.cpp, there are uninitialized data leading to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-115739809 | |||||
| CVE-2019-2105 | 1 Google | 1 Android | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| In FileInputStream::Read of file_input_stream.cc, there is a possible memory corruption due to uninitialized data. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-116114182. | |||||
| CVE-2018-8627 | 1 Microsoft | 6 Excel, Excel Viewer, Office and 3 more | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8598. | |||||
| CVE-2019-11750 | 1 Mozilla | 2 Firefox, Firefox Esr | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1. | |||||
| CVE-2019-9338 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111762686 | |||||
| CVE-2018-5095 | 4 Canonical, Debian, Mozilla and 1 more | 11 Ubuntu Linux, Debian Linux, Firefox and 8 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. | |||||
| CVE-2019-9335 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112328051 | |||||
| CVE-2018-9557 | 1 Google | 1 Android | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| In really_install_package of install.cpp, there is a possible free of arbitrary memory due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2. Android ID: A-35385357. | |||||
| CVE-2019-2170 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118615735 | |||||
| CVE-2019-9336 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112326322 | |||||
| CVE-2019-9322 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111128067 | |||||
| CVE-2019-12730 | 1 Ffmpeg | 1 Ffmpeg | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables. | |||||
| CVE-2018-8378 | 1 Microsoft | 9 Excel Viewer, Office, Office Compatibility Pack and 6 more | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office. | |||||
| CVE-2019-9337 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204376 | |||||