CVE-2024-47966

Delta Electronics CNCSoft-G2 lacks proper initialization of memory prior to accessing it. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process...

CVE-2024-47966

Delta Electronics CNCSoft-G2 contains a Use of Uninitialized Variable (CWE-457) flaw tracked as CVE-2024-47966. The issue affects the CNCSoft-G2 HMI and is triggered by uninitialized memory accessed during parsing or processing, enabling remote code execution when a user opens a malicious page or...

CVE-2024-47966 Use of Uninitialized Variable vulnerability in Delta Electronics CNCSoft-G2

Delta Electronics CNCSoft-G2 lacks proper initialization of memory prior to accessing it. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process...

CVE-2024-44154

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted file may lead to unexpected app termination...

About the security content of macOS Sequoia 15

About the security content of macOS Sequoia 15 This document describes the security content of macOS Sequoia 15. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

CVE-2024-7541

oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

CVE-2024-7540

oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

CVE-2024-7541

oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

CVE-2024-7542

oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

CVE-2024-7542 oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability

oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

CVE-2024-7542

CVE-2024-7542 concerns oFono and the AT+CMGR handling logic. The flaw is described as an uninitialized memory access during parsing of AT CMGR command responses, enabling a local attacker who can execute code on the target modem to disclose sensitive information and potentially execute arbitrary ...

CVE-2024-7542 oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability

oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

CVE-2024-7541

oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

CVE-2024-7541

CVE-2024-7541 concerns oFono, specifically the AT+CMT Command parsing flaw. The vulnerability arises from uninitialized memory access during response parsing, enabling local attackers with code execution context as root when combined with other weaknesses. Affected component is oFono’s modem AT+C...

CVE-2024-7540

CVE-2024-7540 concerns oFono’s AT CMGL command handling. The issue stems from uninitialized memory during parsing of AT+CMGL responses, which can allow a local attacker who already has code execution on the target modem to disclose sensitive information and potentially escalate to root. Affected ...

CVE-2024-7540 oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability

oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

CVE-2024-7540

oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

PT-2024-38406

Name of the Vulnerable Software and Affected Versions oFono affected versions not specified Description This issue allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to...

DEBIAN-CVE-2024-41059

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copyname syzbot reported BUG: KMSAN: uninit-value in sizedstrscpy+0xc4/0x160 sizedstrscpy+0xc4/0x160 copyname+0x2af/0x320 fs/hfsplus/xattr.c:411 hfspluslistxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750...

Autodesk AutoCAD SLDPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...