212 matches found

OSV
added 2021/01/07 12:0 p.m., 17 views

RUSTSEC-2021-0086 `Read` on uninitialized buffer may cause UB ( `read_entry()` )

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. There are two such cases (go_offset_log::read_entry() & offset_log::read_entry()). Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and also can return incorrect...

CVSS 9.8, AI score 9.4, EPSS 0.00418
Exploits 0, References 4
RustSec
added 2021/01/07 12:0 p.m., 15 views

Reading on uninitialized memory may cause UB ( `util::read_spv()` )

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and also can return incorrect number of bytes written to the buffer. Reading from uninitialized memory...

CVSS 9.8, AI score 3.9, EPSS 0.00433
Exploits 0, Affected Software 1
RustSec
added 2021/01/07 12:0 p.m., 21 views

columnar: `Read` on uninitialized buffer may cause UB (ColumnarReadExt::read_typed_vec())

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation (ColumnarReadExt::read_typed_vec()). Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and also can return incorrect number of bytes written to the buffer. Reading...

CVSS 9.8, AI score 3.2, EPSS 0.00433
Exploits 0, Affected Software 1
RustSec
added 2021/01/07 12:0 p.m., 17 views

`Read` on uninitialized buffer may cause UB ( `read_entry()` )

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. There are two such cases (go_offset_log::read_entry() & offset_log::read_entry()). Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and also can return incorrect...

CVSS 9.8, AI score 3.4, EPSS 0.00418
Exploits 0, Affected Software 1
OSV
added 2021/01/03 12:0 p.m., 14 views

RUSTSEC-2021-0084 `Read` on uninitialized buffer can cause UB (impl of `ReadKVExt`)

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and also can return incorrect number of bytes written to the buffer. Reading from uninitialized memory...

CVSS 9.8, AI score 9.4, EPSS 0.00433
Exploits 0, References 3
RustSec
added 2021/01/03 12:0 p.m., 19 views

`Read` on uninitialized buffer can cause UB (impl of `ReadKVExt`)

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and also can return incorrect number of bytes written to the buffer. Reading from uninitialized memory...

CVSS 9.8, AI score 3.7, EPSS 0.00433
Exploits 0
OSV
added 2021/01/03 12:0 p.m., 14 views

RUSTSEC-2021-0085 'Read' on uninitialized memory may cause UB

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. The crate currently contains 4 occurrences of such cases. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and also can return incorrect number of bytes...

CVSS 9.8, AI score 9.4, EPSS 0.00433
Exploits 0, References 3
RustSec
added 2021/01/02 12:0 p.m., 16 views

reading on uninitialized buffer can cause UB (`impl<R> BufRead for GreedyAccessReader<R>`)

Affected versions of this crate create an uninitialized buffer and pass it to a user-provided Read implementation. This is unsound, because it allows safe Rust code to exhibit undefined behavior (read from uninitialized memory). The flaw was corrected in version 0.1.1 by zero-initializing a new...

CVSS 9.1, AI score 3.4, EPSS 0.00433
Exploits 1, Affected Software 1
RustSec
added 2020/12/31 12:0 p.m., 14 views

`FixedCapacityDequeLike::clone()` can cause dropping uninitialized memory

Affected versions of this crate don't guard against panics, so that a partially uninitialized buffer is dropped when user-provided T::clone panics in FixedCapacityDequeLike::clone. This causes memory corruption...

CVSS 9.8, AI score 5.5, EPSS 0.00607
Exploits 0, Affected Software 1
RustSec
added 2020/12/31 12:0 p.m., 14 views

`read` on uninitialized buffer may cause UB (bite::read::BiteReadExpandedExt::read_framed_max)

Affected versions of this crate call a user-provided Read implementation on an uninitialized buffer. Read on uninitialized buffer is defined as undefined behavior in Rust...

CVSS 7.5, AI score 3.5, EPSS 0.00285
Exploits 0
RustSec
added 2020/12/31 12:0 p.m., 18 views

InputStream::read_exact : `Read` on uninitialized buffer causes UB

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and also can return incorrect number of bytes written to the buffer. Reading from uninitialized memory...

CVSS 9.8, AI score 3.8, EPSS 0.00433
Exploits 0
OSV
added 2020/12/31 12:0 p.m., 18 views

RUSTSEC-2020-0132 `FixedCapacityDequeLike::clone()` can cause dropping uninitialized memory

Affected versions of this crate don't guard against panics, so that a partially uninitialized buffer is dropped when user-provided T::clone panics in FixedCapacityDequeLike::clone. This causes memory corruption...

CVSS 9.8, AI score 9.5, EPSS 0.00607
Exploits 0, References 3
OSV
added 2020/12/27 12:0 p.m., 11 views

RUSTSEC-2020-0155 `Read` on uninitialized buffer in `fill_buf()` and `read_up_to()`

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and also can return incorrect number of bytes written to the buffer. Reading from uninitialized memory...

CVSS 9.8, AI score 9.3, EPSS 0.00433
Exploits 0, References 3
RedHat Linux
added 2020/11/04 1:47 a.m., 4 views

tcpdump: Access to uninitialized buffer in print_prefix() function in print-hncp.c

A flaw was found in tcpdump where an uninitialized buffer is accessed in tcpdump while printing HNCP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the...

CVSS 9.8, AI score 6.5, EPSS 0.03123
Exploits 0, References 4
BDU FSTEC
added 2020/11/02 12:0 a.m., 1 views

The vulnerability of the MxConfig component of the MOXA EDR-810 industrial router allows a hacker to trigger a service failure.

The vulnerability of the MxConfig component of the MOXA EDR-810 industrial router lies in the reading of an uninitialized buffer within the stack. Exploiting this vulnerability could allow a malicious actor to trigger a service failure by using the Scmdmoxatcpstatus service...

CVSS 3.5, AI score 5.7
Exploits 0, References 1, Affected Software 1
Veracode
added 2020/04/10 12:50 a.m., 28 views

Information Disclosure

kernel is vulnerable to information disclosure. Information leak in the USB implementation. Certain USB errors could result in an uninitialized kernel buffer being sent to user-space. An attacker with physical access to a target system could use this flaw to cause an information leak...

CVSS 4.7, AI score 2.4, EPSS 0.00073
Exploits 1, References 24, Affected Software 2
Zero Day Initiative
added 2019/12/11 12:0 a.m., 35 views

Apple macOS fseventsd Uninitialized Buffer Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the fseventsd...

CVSS 6.5, AI score 4.7, EPSS 0.00173
Exploits 0, References 1
Zero Day Initiative
added 2019/10/04 12:0 a.m., 28 views

Apple macOS diskmanagementd Uninitialized Buffer Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVSS 4.7, AI score 4.1, EPSS 0.00232
Exploits 0, References 1
Veracode
added 2019/05/27 2:45 a.m., 5 views

Uninitialized Buffer Allocation

websocker-driver is vulnerable to uninitialized buffer allocation attacks. The library contains an uninitialized memory allocation when handling a large number, which can allow a malicious user to gain access to sensitive information or crash the application...

AI score 6.8
Exploits 0
Prion
added 2018/12/12 5:29 p.m., 33 views

Design/Logic Flaw

An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able to read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing...

CVSS 5, AI score 7.4, EPSS 0.00032
Exploits 0, References 7, Affected Software 3