2110 matches found
DEBIAN-CVE-2022-1122
A flaw was found in the opj2decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free on an uninitialized pointer, leading to a segmentation fault and...
ALPINE-CVE-2022-1122
A flaw was found in the opj2decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free on an uninitialized pointer, leading to a segmentation fault and...
UBUNTU-CVE-2022-1122
A flaw was found in the opj2decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free on an uninitialized pointer, leading to a segmentation fault and...
CVE-2022-1122
A flaw was found in the opj2decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free on an uninitialized pointer, leading to a segmentation fault and...
OpenJPEG 安全漏洞
OpenJPEG is an open source C-based JPEG2000 codec. A security vulnerability exists in OpenJPEG version 2.4.0, which stems from the opj2decompress program when it fails to allocate a buffer to store the filename of an input directory, it calls free on the uninitialized pointer, which results in a...
Microsoft Windows CD-ROM Driver Uninitialized Pointer Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CD-ROM drive...
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest and may result in a crash of QEMU or cause undefined behavior due to the access of an uninitialized pointer. The highest threat from this vulnerability is to system availability.
...
CVE-2022-23636
Wasmtime is an open source runtime for WebAssembly & WASI. Prior to versions 0.34.1 and 0.33.1, there exists a bug in the pooling instance allocator in Wasmtime's runtime where a failure to instantiate an instance for a module that defines an externref global will result in an invalid drop of a...
Siemens Simcenter Femap NEU File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
GHSA-H6GW-R52C-724R NULL Pointer Dereference and Access of Uninitialized Pointer in TensorFlow
Impact The code for boosted trees in TensorFlow is still missing validation. This allows malicious users to read and write outside of bounds of heap allocated data as well as trigger denial of service via dereferencing nullptrs or via CHECK-failures. This follows after CVE-2021-41208 where these...
CVE-2022-21156
Access of uninitialized pointer in the IntelR Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access...
CVE-2022-21156
Access of uninitialized pointer in the IntelR Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access...
CVE-2022-21156
Summary: CVE-2022-21156 is a vulnerability in Intel® Trace Analyzer and Collector prior to version 2021.5 where an uninitialized pointer can be exploited by an authenticated user with local access to potentially cause a denial of service. This is supported by multiple sources, including NVD (CVSS...
The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2020 are related to access to an uninitialized pointer, allowing attackers to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 is related to access to an uninitialized pointer. Exploiting this...
KLA12418 Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader
Multiple vulnerabilities were found in Adobe Acrobat and Adobe Acrobat Reader. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service, gain privileges, obtain sensitive information. Below is a complete list of...
CVE-2021-43030
Adobe Premiere Rush versions 1.5.16 and earlier allows access to an uninitialized pointer vulnerability that allows remote attackers to disclose arbitrary data on affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...
CVE-2021-43030
Adobe Premiere Rush versions 1.5.16 and earlier allows access to an uninitialized pointer vulnerability that allows remote attackers to disclose arbitrary data on affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...
CVE-2021-38409
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an access of uninitialized pointer, which may allow an attacker read from or write to unexpected memory locations, leading to a denial-of-service...
CVE-2021-38409
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an access of uninitialized pointer, which may allow an attacker read from or write to unexpected memory locations, leading to a denial-of-service...
Design/Logic Flaw
Adobe Premiere Rush versions 1.5.16 and earlier allows access to an uninitialized pointer vulnerability that allows remote attackers to disclose arbitrary data on affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...