CVE-2016-4498

Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2016-4498

CVE-2016-4498 affects Panasonic FPWIN Pro 5.x–7.x (up to version 7.130). The root cause is an uninitialized pointer access in the FPWIN Pro project processing (notably in CPlcSetting::Load per ZDI-16-332), which can crash the application and, per advisories, may enable code execution under certai...

CVE-2016-4498

Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors...

Panasonic FPWIN Pro CPlcSetting::Load Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Panasonic FPWIN Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing o...

Microsoft Edge Memory Corruption (MS16-052: CVE-2016-0191)

A remote code execution vulnerability has been reported in Microsoft Edge. The vulnerability is due to a use of uninitialized pointer. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory corruption in a way that would...

The vulnerability of Asterisk IP-telephony management systems and Certified Asterisk, which allows a perpetrator to trigger a service failure.

The vulnerability of Asterisk IP-telephony systems and Certified Asterisk is related to errors in pointer assignment. Exploiting this vulnerability can allow a malicious actor to cause service failures pointer assignment of an uninitialized pointer and emergency termination of operations...

php: uninitialized pointer in phar_make_dirstream()

A flaw was found in the way the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened...

Adobe Flash MPEG-4 Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within MPEG-4 parsing. A...

Adobe Flash MPEG-4 Parsing Uninitialized Pointer Remote Code Execution Vulnerability

Adobe FlashPlayer is a multimedia program player. A security vulnerability exists in Adobe Flash's MPEG-4 parsing that could force an indirect reference to an uninitialized pointer. An attacker can exploit this vulnerability to execute arbitrary code in the context of the current process...

Adobe Flash MPEG Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within MPEG-4 parsing. A...

Exploit for CVE-2016-0040

cve-2016-0040 poc for cve-2016-0040 bug found and exp...

Null pointer dereference

Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3 allow remote authenticated users to cause a denial of service uninitialized pointer dereference and crash via a zero length error...

CVE-2016-2232

Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3 allow remote authenticated users to cause a denial of service uninitialized pointer dereference and crash via a zero length error...

CVE-2016-2232

Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3 allow remote authenticated users to cause a denial of service uninitialized pointer dereference and crash via a zero length error...

Panasonic FPWIN Pro Vulnerabilities

OVERVIEW NCCIC/ICS-CERT received a report from Trend Micro’s Zero Day Initiative ZDI concerning buffer overflow vulnerabilities in Panasonic FPWIN Pro software. These vulnerabilities were reported to ZDI by security researcher Steven Seeley. Panasonic has produced a new version to mitigate these...

Internet Bug Bounty: Uninitialized pointer in phar_make_dirstream()

https://bugs.php.net/bug.php?id=71331...

CVE-2015-7804

Off-by-one error in the pharparsezipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service uninitialized pointer dereference and application crash by including the / filename in a .zip PHAR archive...

EUVD-2015-7703

Off-by-one error in the pharparsezipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service uninitialized pointer dereference and application crash by including the / filename in a .zip PHAR archive...

RHEL 7 : chrony (RHSA-2015:2241)

Updated chrony packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

chrony: uninitialized pointer in cmdmon reply slots

An uninitialized pointer use flaw was found when allocating memory to save unacknowledged replies to authenticated command requests. An attacker that has the command key and is allowed to access cmdmon only localhost is allowed by default could use this flaw to crash chronyd or, possibly, execute...