958 matches found
UBUNTU-CVE-2015-8746
fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service NULL pointer dereference and panic via crafted network traffic...
CVE-2016-4076
epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 2.0.x before 2.0.3 does not properly initialize memory for search patterns, which allows remote attackers to cause a denial of service application crash via a crafted packet...
UBUNTU-CVE-2016-4076
epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 2.0.x before 2.0.3 does not properly initialize memory for search patterns, which allows remote attackers to cause a denial of service application crash via a crafted packet...
CVE-2016-4076
epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 2.0.x before 2.0.3 does not properly initialize memory for search patterns, which allows remote attackers to cause a denial of service application crash via a crafted packet...
Command injection
The calloc function in the glibc package in Red Hat Enterprise Linux RHEL 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service hang or crash via unspecified vectors...
CVE-2015-5229
The calloc function in the glibc package in Red Hat Enterprise Linux RHEL 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service hang or crash via unspecified vectors...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::FileFace::gettablefn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other...
CVE-2016-2795
The graphite2::FileFace::gettablefn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other...
CVE-2016-2795
The graphite2::FileFace::gettablefn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other...
DEBIAN-CVE-2016-2795
The graphite2::FileFace::gettablefn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other...
Code injection
The graphite2::FileFace::gettablefn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other...
CVE-2016-2795
The graphite2::FileFace::gettablefn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other...
CVE-2016-2795
Graphite 2 vulnerability CVE-2016-2795 affects the Graphite font engine library. The function graphite2::FileFace::get_table_fn in Graphite 2 before 1.3.6 does not initialize memory for an unspecified data structure, enabling a remote attacker to cause denial of service (and possibly other impact...
CVE-2015-7054
zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafted web site...
CVE-2015-7054
CVE-2015-7054 affects Apple platforms via the zlib component in the Compression subsystem (iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, watchOS before 2.1). The vulnerability arises because memory is not initialized for an unspecified data structure, allowing remote attackers to execute ...
Google Chrome Multiple Vulnerabilities-01 (Dec 2015) - Windows
google chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Google Chrome Denial of Service Vulnerability (CNVD-2015-07975)
Google Chrome is a web browser developed by the American company Google Google. The 'VideoFramePool::PoolImpl::CreateFrame' function in the media/base/videoframepool.cc file in Google Chrome versions prior to 47.0.2526.73 has a security vulnerability. Due to the program failing to properly...
CVE-2015-8480
The CVE-2015-8480 entry relates to Google Chrome before 47.0.2526.73. The vulnerability arises because VideoFramePool::PoolImpl::CreateFrame does not initialize memory for a video-frame data structure, enabling remote attackers to trigger a denial of service via out-of-bounds memory access, poten...
UBUNTU-CVE-2015-8367
The phaseonecorrect function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related to memory object initialization...
PT-2015-7775 · Libraw +3 · Libraw +3
Name of the Vulnerable Software and Affected Versions: Libraw versions prior to 0.17.1 Description: The issue is related to memory object initialization in the phase one correct function, which can cause memory errors and potentially allow attackers to execute arbitrary code. Recommendations: For...