125 matches found
Information disclosure
Insecure default variable initialization of IntelR RealSenseTM ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access...
CVE-2021-33130
Insecure default variable initialization of IntelR RealSenseTM ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access...
CVE-2021-33130
CVE-2021-33130 targets Intel RealSense ID Solution F450 before 2.6.0.74. The issue arises from insecure default variable initialization, potentially allowing an unauthenticated user to disclose information via physical access. Impact is described as partial confidentiality loss (C:H) with no inte...
CVE-2021-33130
Insecure default variable initialization of IntelR RealSenseTM ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access...
Code injection
Acrobat Reader DC versions 22.001.20085 and earlier, 20.005.3031x and earlier and 17.012.30205 and earlier is affected by the use of a variable that has not been initialized when processing of embedded fonts, potentially resulting in arbitrary code execution in the context of the current user...
Constructor cannot be used in upgradeable contracts
Lines of code Vulnerability details Details As per OpenZeppelin’s documentation, “Due to a requirement of the proxy-based upgradeability system, no constructors can be used in upgradeable contracts.” reason being “the code within a logic contract’s constructor will never be executed in the contex...
CVE-2021-0144
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access...
CVE-2020-24455
Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3...
CVE-2020-24455
Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3...
Privilege escalation
Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3...
CVE-2020-24455
Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3...
CVE-2020-24455
Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3...
The vulnerability of the DCH-compatible Thunderbolt driver is related to the initialization of a defaultly insecure variable, which allows an attacker to disclose protected information.
The vulnerability of the DCH-compatible Thunderbolt driver is related to the initialization of a defaultly insecure variable. Exploiting this vulnerability could allow an attacker to disclose protected information...
SUSE-SU-2019:3184-2 Security update for ffmpeg
This update for ffmpeg fixes the following issues: Security issues fixed: - CVE-2019-17542: Fixed a heap-buffer overflow in vqadecodechunk due to an out-of-array access bsc1154064. - CVE-2019-12730: Fixed an uninitialized use of variables due to an improper check bsc1137526. - CVE-2019-9718: Fixe...
CVE-2019-9320
In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111761624...
CVE-2019-9315
In libhevc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112326216...
CVE-2019-9317
In libstagefright, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112052258...
CVE-2019-9319
In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111762100...
CVE-2019-9318
In libhevc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111764725...
CVE-2019-9321
In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111208713...