CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

George-Andrei Iosif and David Fernandez Gonzalez discovered that Gerbv did not properly initialize a data structure when parsing certain nested RS-274X format files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of servic...

5.5CVSS7.3AI score0.00039EPSS

Exploits1References2

SUSE CVE•added 2023/02/15 4:24 a.m.•2 views

SUSE CVE-2018-16058

In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure...

7.1CVSS7.5AI score0.01038EPSS

Exploits0References11

OSV•added 2017/10/12 8:29 a.m.•23 views

CVE-2017-15286

SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where sqlite3steppStmt==SQLITEROW is false and a data structure is never initialized...

7.5CVSS6.6AI score

Exploits0References2

Cvelist•added 2016/05/02 10:0 a.m.•21 views

CVE-2015-8324

The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service NULL pointer dereference and panic via a crafted USB device, related to the ext4fillsuper...

4.8AI score0.00079EPSS

Exploits0References7

OSV•added 2015/12/17 7:25 a.m.•0 views

USN-2841-1 linux vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...

10CVSS6.7AI score0.00327EPSS

Exploits1References4

OSV•added 2015/03/12 2:59 p.m.•6 views

CVE-2015-2045

The HYPERVISORxenversion hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors...

8.5AI score

Exploits0References13

OSV•added 2015/03/08 2:59 a.m.•4 views

CVE-2015-2188

epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet that is improperly...

5.2AI score

Exploits0References12

CVE•added 2012/01/06 1:0 a.m.•9745 views

CVE-2011-4576

OpenSSL CVE-2011-4576 affects SSL 3.0 padding initialization: the implementation does not properly initialize data structures for block cipher padding, allowing a remote attacker to potentially recover plaintext by decrypting the padding data. Affected releases: OpenSSL before 0.9.8s and 1.x befo...

5CVSS8AI score0.01046EPSS

Exploits0References22Affected Software1

RedHat Linux•added 2010/11/10 7:0 p.m.•2 views

kernel: sctp: do not reset the packet during sctp_packet_config

The sctppacketconfig function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service panic via a certain sequence of SCTP traffic...

7.8CVSS6.2AI score0.02499EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by