LSN-0067-1: Kernel Live Patch Security Notice

It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information kernel memory. CVE-2020-11494...

The vulnerability of Firefox browser, related to improper data initialization, allows attackers to compromise data integrity.

The vulnerability of the Firefox browser is related to improper data initialization. Exploiting this vulnerability can allow a remote attacker to compromise the integrity of data...

Code injection

Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...

CVE-2018-19519

In tcpdump 4.9.2, a stack-based buffer over-read exists in the printprefix function of print-hncp.c via crafted packet data because of missing initialization...

CVE-2018-19519

In tcpdump 4.9.2, a stack-based buffer over-read exists in the printprefix function of print-hncp.c via crafted packet data because of missing initialization...

USN-2843-2 linux-lts-wily vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...

CVE-2015-2044

The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involving an unsupported access size...

CVE-2015-2044

CVE-2015-2044 concerns the Xen hypervisor: the emulation routines for unspecified X86 devices in Xen 3.2.x–4.5.x do not properly initialize data, enabling local HVM guest users to obtain sensitive information via an unsupported access size. The Mageia advisory MGASA-2016-0098 documents this CVE a...

Google Chrome Font Uninitialization Vulnerability

Google Chrome is a simple and efficiently designed web browsing tool developed by Google. Google Chrome Font has an uninitialized vulnerability due to the program fails to properly initialize data structure vulnerability, allowing attackers to construct malicious WEB pages and trick users into...

Mozilla Thunderbird Multiple Vulnerabilities-01 (Nov 2013) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Mozilla Firefox Multiple Vulnerabilities - 01 (Nov 2013) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. Copyright C 2013 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2012-1873

Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte Information Disclosure Vulnerability."...

CVE-2012-1873

Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte Information Disclosure Vulnerability."...

Buffer overflow

Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac obtain a certain length value from an uninitialized memory location, which allows remote attackers to trigger a buffer overflow and execute arbitrary code via a crafted Excel file, aka "Excel Data...