EIPStackGroup OpENer 缓冲区错误漏洞

EIPStackGroup OpENer is a software from the EIPStackGroup organization for providing EtherNet/IP stacking functionality to IO adapter devices . A buffer error vulnerability exists in EIPStackGroup OpENer version 58ee13c, which stems from a vulnerability in the use of an uninitialized pointer in t...

EIP Stack Group OpENer Forward Open connection_management_entry use of uninitialized pointer vulnerability

Talos Vulnerability Report TALOS-2022-1663 EIP Stack Group OpENer Forward Open connectionmanagemententry use of uninitialized pointer vulnerability February 23, 2023 CVE Number CVE-2022-43606 SUMMARY A use-of-uninitialized-pointer vulnerability exists in the Forward Open connectionmanagemententry...

K17503: PHP vulnerabilities CVE-2015-7803 and CVE-2015-7804

Security Advisory Description CVE-2015-7803 A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. CVE-2015-7804 An uninitialized pointer use flaw was found in the pharmakedirstream function of PHP's Ph...

Siemens Tecnomatix Plant Simulation Uninitialized Pointer Vulnerability

Siemens Tecnomatix Plant Simulation is an object-oriented, graphical, integrated modeling and simulation tool. An uninitialized pointer access vulnerability exists in Siemens Tecnomatix Plant Simulation. An attacker could use this vulnerability to execute code in the context of the current proces...

Siemens Solid Edge Uninitialized Pointer Vulnerability (CNVD-2023-15413)

Siemens Solid Edge is a 3D CAD software from Siemens Germany. The software can be used for part design, assembly design, sheet metal design, welding design and other industries. Siemens Solid Edge suffers from an uninitialized pointer vulnerability that can be exploited by an attacker to execute...

Siemens Solid Edge Uninitialized Pointer Vulnerability

Siemens Solid Edge is a 3D CAD software from Siemens Germany. The software can be used for part design, assembly design, sheet metal design, welding design and other industries. Siemens Solid Edge suffers from an uninitialized pointer vulnerability that can be exploited by an attacker to execute...

SUSE CVE-2006-6143

The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon kadmind and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service crash and possibl...

SUSE CVE-2007-4000

The kadm5modifypolicyinternal function in lib/kadm5/srv/svrpolicy.c in the Kerberos administration daemon kadmind in MIT Kerberos 5 krb5 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy"...

SUSE CVE-2008-2934

Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted GIF file that triggers a free of an uninitialized pointer...

SUSE CVE-2009-0846

The asn1decodegeneraltime function in lib/krb5/asn.1/asn1decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 aka krb5 before 1.6.4 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via vectors involving an invalid DER encoding that...

SUSE CVE-2010-3702

The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service crash via unknown vectors that trigger an uninitialized pointer...

SUSE CVE-2010-3703

The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service crash via a PDF file that triggers an uninitialized...

SUSE CVE-2010-3822

WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, accesses an uninitialized pointer during processing of Cascading Style Sheets CSS counter styles, which allows remote attackers to execute arbitrary code or cause a denial of service...

SUSE CVE-2011-0538

Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a malformed file...

SUSE CVE-2012-1014

The processasreq function in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.10.x before 1.10.3 does not initialize a certain structure member, which allows remote attackers to cause a denial of service uninitialized pointer dereference and daemon crash or possibly execute arbitrary...

SUSE CVE-2012-2832

The image-codec implementation in the PDF functionality in Google Chrome before 20.0.1132.43 does not initialize an unspecified pointer, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document...

SUSE CVE-2012-3422

The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized pointer when the instancetoidmap hash is empty, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted web page, which causes an...

SUSE CVE-2012-6542

The llcuigetname function in net/llc/afllc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument...

SUSE CVE-2013-2005

X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the 1 ReqCleanup, 2 HandleSelectionEvents, 3 ReqTimedOut, 4 HandleNormal, and 5...

SUSE CVE-2013-4296

The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service uninitialized pointer dereference and crash via a crafted RPC ca...