Lucene search
+L

183 matches found

CVE
CVE
added 2022/07/11 1:48 a.m.108 views

CVE-2022-35414

CVE-2022-35414 affects QEMU

8.8CVSS8.4AI score0.00656EPSS
Exploits1References10Affected Software1
Debian CVE
Debian CVE
added 2022/07/11 1:48 a.m.35 views

CVE-2022-35414

softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translatefail path, leading to an ioreadx or iowritex crash. NOTE: a third party states that the Non-virtualization Use Case in the qemu.org reference applies here, i.e., "Bugs affecting the non-virtualization use ca...

8.8CVSS7.7AI score0.00656EPSS
Exploits1
OSV
OSV
added 2022/07/11 1:48 a.m.7 views

CVE-2022-35414

softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translatefail path, leading to an ioreadx or iowritex crash. NOTE: a third party states that the Non-virtualization Use Case in the qemu.org reference applies here, i.e., "Bugs affecting the non-virtualization use ca...

8.8CVSS8.6AI score0.00656EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2022/06/06 12:0 a.m.6 views

PT-2022-3768 · Qemu +4 · Qemu +4

Name of the Vulnerable Software and Affected Versions: QEMU versions prior to 7.0.0 Description: The issue in QEMU's softmmu/physmem.c file can lead to an uninitialized read on the translate fail path, resulting in an io readx or io writex crash. A third party notes that this might not be...

8.8CVSS7.1AI score0.02904EPSS
Exploits21References207
OSV
OSV
added 2022/05/24 4:49 p.m.31 views

GHSA-4HM9-844J-JMXP Uninitialized read in Nokogiri gem

In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character...

5.3CVSS6.1AI score0.06457EPSS
Exploits0References19
Github Security Blog
Github Security Blog
added 2022/05/24 4:49 p.m.40 views

Uninitialized read in Nokogiri gem

In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character...

5.3CVSS6.6AI score0.06457EPSS
Exploits0References20Affected Software1
OSV
OSV
added 2022/05/10 8:15 p.m.3 views

DEBIAN-CVE-2022-20008

In mmcblkreadsingle of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for...

4.6CVSS6.4AI score0.00361EPSS
Exploits0References1
OSV
OSV
added 2022/02/16 5:15 p.m.3 views

CVE-2021-21966

An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of Texas Instruments CC3200 SimpleLink Solution NWP 2.9.0.0. A specially-crafted HTTP request can lead to an uninitialized read. An attacker can send an HTTP request to trigger this vulnerability...

5.3CVSS6.1AI score0.01384EPSS
Exploits1References2
CVE
CVE
added 2022/02/16 4:38 p.m.95 views

CVE-2021-21966

The TI CC3200 SimpleLink Solution NWP 2.9.0.0 HTTP Server component exposes /ping.html to unauthenticated POST requests. A POST with parameters __SL_P_T.A/B/C can trigger an uninitialized read, causing information disclosure. TALOS-2021-1393 documents the root cause as CWE-457 (Use of Uninitializ...

5.3CVSS5AI score0.01384EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.110 views

CentOS 8 : php:7.2 (CESA-2020:1624)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1624 advisory. - php: Buffer over-read in PHAR reading functions CVE-2018-20783 - php: Heap buffer overflow in function exifprocessIFDTAG CVE-2019-11034 - php: Heap...

9.8CVSS6.9AI score0.10059EPSS
Exploits14References18
NVD
NVD
added 2020/10/15 3:15 p.m.17 views

CVE-2020-6107

An exploitable information disclosure vulnerability exists in the devread functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

5.5CVSS0.01514EPSS
Exploits1References2
OSV
OSV
added 2020/10/15 3:15 p.m.16 views

CVE-2020-6107

An exploitable information disclosure vulnerability exists in the devread functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

5.5CVSS6AI score
Exploits0References2
OSV
OSV
added 2020/10/15 3:15 p.m.1 views

DEBIAN-CVE-2020-6107

An exploitable information disclosure vulnerability exists in the devread functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

5.5CVSS6.4AI score0.01514EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2020/10/15 3:15 p.m.23 views

CVE-2020-6107

An exploitable information disclosure vulnerability exists in the devread functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

5.5CVSS6.3AI score0.01514EPSS
Exploits1References2
OSV
OSV
added 2020/10/15 3:15 p.m.2 views

UBUNTU-CVE-2020-6107

An exploitable information disclosure vulnerability exists in the devread functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

5.5CVSS7.3AI score0.01514EPSS
Exploits1References3
CVE
CVE
added 2020/10/15 2:45 p.m.76 views

CVE-2020-6107

CVE-2020-6107 affects F2fs-tools F2fs.Fsck 1.13. The vulnerability is in the dev_read functionality of F2fs.Fsck, where a specially crafted f2fs filesystem can trigger an uninitialized read, leading to information disclosure. Attacker-controlled input (a malicious file) is sufficient to trigger t...

5.5CVSS5AI score0.01514EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/10/15 2:45 p.m.32 views

CVE-2020-6107

An exploitable information disclosure vulnerability exists in the devread functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

4.4CVSS5.2AI score0.01514EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2020/10/15 2:45 p.m.22 views

CVE-2020-6107

An exploitable information disclosure vulnerability exists in the devread functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

5.5CVSS2.7AI score0.01514EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/09/08 12:0 a.m.58 views

EulerOS Virtualization for ARM 64 3.0.2.0 : php (EulerOS-SA-2020-1969)

According to the versions of the php packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated we...

9.8CVSS7.4AI score0.09674EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2020/09/08 12:0 a.m.41 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-1969)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.8AI score0.09674EPSS
Exploits5References2
Rows per page
Query Builder