The vulnerability of the Fly-wm window manager, related to improper initialization of resources, allows attackers to cause service failure.

The vulnerability of the Fly-wm window manager is related to incorrect initialization of resources. Exploiting this vulnerability can allow attackers to cause service failures...

Vulnerabilities in the initialization and service management of Linux Systemd, related to incorrect default permissions, allow attackers to access confidential data, compromise its integrity, and cause service failures.

Vulnerabilities in the initialization and service management of Linux’s systemd are related to incorrect standard permissions for low-security administrators. Exploiting these vulnerabilities can allow remote attackers to access sensitive data, compromise its integrity, and cause service failures...

The vulnerability of the STUN/TURN response buffer in the Coturn web server allows a attacker to access confidential data.

The vulnerability of the STUN/TURN response buffer in the Coturn web server is related to initialization errors. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data...

An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data potentially containing sensitive information from kernel stack memory if the configuration lacks CONFIG_INIT_STACK_ALL aka CID-b9258a2cece4.

...

Intel Server Board Elevation of Privilege Vulnerability

Intel Server Board is a server motherboard from Intel Corporation USA. An elevation of privilege vulnerability exists in the BIOS firmware in Intel Server Board Families S2600ST, S2600BP, and S2600WF, which stems from a faulty initialization. A local attacker could exploit the vulnerability to...

The vulnerability of the X Window System Xorg-server, related to improper memory initialization, allows an attacker to cause a leak of part of the server’s memory for the Xorg-server client.

The vulnerability of the X Window System Xorg-server is related to incorrect memory initialization. Exploiting this vulnerability can allow an attacker to cause a leak of part of the server’s memory for the Xorg-server client...

CVE-2020-14347

A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable...

DEBIAN-CVE-2020-14347

A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable...

CVE-2020-14347

A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable...

Design/Logic Flaw

A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable...

CVE-2020-14347

CVE-2020-14347 affects the X.Org X server (xorg-server): a flaw that leaks uninitialized heap memory from the server to clients, potentially enabling information disclosure and, in elevated-privilege setups, ASLR bypass. Affected releases include Xorg-server prior to a patched version; multiple a...

CVE-2020-14347

A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable...

The vulnerability of the initialization and service management subsystems in Linux’s systemd, related to resource management errors, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the initialization and service management subsystems in Linux’s systemd is related to resource management errors. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and even cause service failures using the shutdown...

The vulnerability of the fly-wm window manager, related to incorrect data initialization, allows attackers to compromise data integrity.

The vulnerability of the fly-wm window manager is related to incorrect data initialization. Exploiting this vulnerability can allow attackers to compromise data integrity...

X.Org Server Pixel Data Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processi...

CVE-2020-14347

A flaw was found in the way the Xserver memory was not properly initialized. This issue leak parts of server memory to the X client. In cases where the Xorg server runs with elevated privileges, this flaw results in a possible ASLR bypass...

USN-4440-1 linux-hwe, linux-aws-5.3, linux-azure-5.3, linux-gcp-5.3, linux-gke-5.3, linux-hwe, linux-oracle-5.3, linux-raspi2-5.3 vulnerabilities

It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service system crash. CVE-2019-16089 It was discovered that the kernel-user space relay...

Oracle VirtualBox BusLogicSCSI Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

CVE-2020-9227

Huawei Smart Phones Moana-AL00B with versions earlier than 10.1.0.166 have a missing initialization of resource vulnerability. An attacker tricks the user into installing then running a crafted application. Due to improper initialization of specific parameters, successful exploit of this...

CVE-2020-9227

Huawei Smart Phones Moana-AL00B with versions earlier than 10.1.0.166 have a missing initialization of resource vulnerability. An attacker tricks the user into installing then running a crafted application. Due to improper initialization of specific parameters, successful exploit of this...