Lucene search
+L

268 matches found

NVD
NVD
added 2017/12/07 7:29 p.m.23 views

CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

7.5CVSS8AI score0.04252EPSS
Exploits0References13
UbuntuCve
UbuntuCve
added 2017/12/07 12:0 a.m.48 views

CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

7.5CVSS6.7AI score0.04252EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2017/08/18 12:0 a.m.12 views

The vulnerability of the Cisco IOS operating system, which arises from the lack of initialization for variables, allowing attackers to trigger a service failure.

The vulnerability of the Cisco IOS operating system is related to the absence of initialization for variables. Exploiting this vulnerability allows a malicious actor, operating remotely, to cause service failures such as waste of computing resources, resetting of watchdog timers, and system...

6.8CVSS6.5AI score0.01131EPSS
Exploits0References2
CNVD
CNVD
added 2017/08/03 12:0 a.m.4 views

Cisco IOS Denial of Service Vulnerability (CNVD-2017-20387)

Cisco IOS is an operating system developed by Cisco for its network devices. A security vulnerability exists in IOS versions prior to 15.24S6, which stems from a program failure to initialize variables. A remote attacker could exploit this vulnerability to cause a denial of service CPU consumptio...

6.8CVSS6.7AI score0.01131EPSS
Exploits0References1
Hacker One
Hacker One
added 2016/08/24 3:21 p.m.23 views

Internet Bug Bounty: use of uninitialized variables in operator.methodcaller

I described this vulnerability in detail in a mail to the PSRT. A copy of my email, plus the fix for this issue, can be found here: https://bugs.python.org/issue27783...

6.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2016/07/18 12:0 a.m.13 views

PT-2016-3448 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A NULL pointer dereference issue was found in the netlink dump function. This occurs when the Netlink socket receives a message of type XFRM MSG GETSA or XFRM MSG GETPOLICY with the DU...

9.8CVSS7.6AI score0.60631EPSS
Exploits7References49
BDU FSTEC
BDU FSTEC
added 2016/04/06 12:0 a.m.9 views

The vulnerability of the Android operating system, which allows a perpetrator to bypass security measures or obtain confidential information

The vulnerability of the BnGraphicBufferConsumer::onTransact function libs/gui/IGraphicBufferConsumer.cpp in the mediaserver component of the Android operating system exists due to the lack of initialization for certain types of variables. Exploiting this vulnerability could allow a malicious act...

5CVSS7.2AI score0.00749EPSS
Exploits0References3
CNVD
CNVD
added 2015/09/20 12:0 a.m.4 views

NTP logconfig configuration command denial of service vulnerability

Network Time Protocol is a protocol used to synchronize a computer's time to its server or clock source e.g., quartz clock, GPS, etc.. NTP crashes due to uninitialized variables when processing the malformed logconfig configuration command ntpd, allowing remote attackers to exploit the...

7.5CVSS7.8AI score0.05536EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2013/05/20 4:44 p.m.8 views

Kernel: crypto: algif - suppress sending source address information in recvmsg

The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hashrecvmsg function in crypto/algifhash.c and the...

4.9CVSS6.3AI score0.00354EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2011/06/08 12:0 a.m.26 views

SuSE9 Security Update : ethereal (YOU Patch Number 12708)

This ethereal update fixes the use of uninitialized variables. CVE-2011-1590 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid54993; scriptversion"1.5";...

4.3CVSS7.5AI score0.01812EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2010/11/03 3:19 p.m.9 views

Dozens of Bugs Found in One Version of Android Kernel

Security researchers found dozens of high risk security holes in the software used to run specific Android mobile devices, but that’s still a lot better than industry averages, according to a new report. Coverity, an application code testing firm, analyzed the source code for HTC’s Droid Incredib...

0.7AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/12/13 12:0 a.m.11 views

SuSE 10 Security Update : clamav (ZYPP Patch Number 4169)

This is an update to ClamAV 0.91.2 to fix various bugs like NULL pointer dereferences and uninitialized variables etc. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

5.4AI score
Exploits0
Packet Storm
Packet Storm
added 2007/04/17 12:0 a.m.38 views

waraxe-2007-SA-048.txt

waraxe-2007-SA048 - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke Author: Janek Vind "waraxe" Date: 13. April 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-48.html Target software description: VWar module for PhpNuke http://www.vwar.de/ VWar is a webbased...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/12/25 12:0 a.m.12 views

Irokez Blog 0.7.1 - Multiple Remote File Inclusions

Irokez Blog 0.7.1 - Multiple Remote File Inclusions +------------------------------------------------------------------------------------------- + Irokez CMS +------------------------------------------------------------------------------------------- + Details: + Irokez CMS has several scripts...

7.5AI score
Exploits0
UbuntuCve
UbuntuCve
added 2006/07/06 8:5 p.m.18 views

CVE-2006-3390

WordPress 2.0.3 allows remote attackers to obtain the installation path via a direct request to various files, such as those in the 1 wp-admin, 2 wp-content, and 3 wp-includes directories, possibly due to uninitialized variables...

5CVSS6AI score0.02807EPSS
Exploits0References1
OSV
OSV
added 2006/07/06 8:5 p.m.2 views

DEBIAN-CVE-2006-3390

WordPress 2.0.3 allows remote attackers to obtain the installation path via a direct request to various files, such as those in the 1 wp-admin, 2 wp-content, and 3 wp-includes directories, possibly due to uninitialized variables...

5CVSS7AI score0.02807EPSS
Exploits0References1
OSV
OSV
added 2006/07/06 8:5 p.m.8 views

CVE-2006-3390

WordPress 2.0.3 allows remote attackers to obtain the installation path via a direct request to various files, such as those in the 1 wp-admin, 2 wp-content, and 3 wp-includes directories, possibly due to uninitialized variables...

6.3AI score
Exploits0References8
Debian CVE
Debian CVE
added 2006/07/06 8:0 p.m.52 views

CVE-2006-3390

WordPress 2.0.3 allows remote attackers to obtain the installation path via a direct request to various files, such as those in the 1 wp-admin, 2 wp-content, and 3 wp-includes directories, possibly due to uninitialized variables...

5CVSS5.9AI score0.02807EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.29 views

Mandrake Linux Security Advisory : netpbm (MDKSA-2005:199)

Pnmtopng in netpbm 10.2X, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap PNM images to Portable Network Graphics PNG, which might allow attackers to execute arbitrary code by modifying the stack. Netpbm 9.2X is not affected by this...

7.5CVSS6AI score0.04873EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2005/11/01 9:2 p.m.32 views

CVE-2005-3418

Multiple cross-site scripting XSS vulnerabilities in phpBB 2.0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 errormsg parameter to usercpregister.php, 2 forwardpage parameter to login.php, and 3 listcat parameter to search.php, which are not initialized as...

4.3CVSS6AI score0.01837EPSS
Exploits0References1
Rows per page
Query Builder