DEBIAN-CVE-2014-0146

The qcow2open function in the block/qcow2.c in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service NULL pointer dereference via a crafted image which causes an error, related to the initialization of the snapshotoffset and nbsnapshots fields...

Security fix for the ALT Linux 7 package samba-DC version 4.5.10-alt1.M70P.1

4.5.10-alt1.M70P.1 built May 25, 2017 Evgeny Sinelnikov in task 183302 May 24, 2017 Evgeny Sinelnikov - Update to second spring security release - Fix longtime initialization bug in ldb proxy - Security fixes: + CVE-2017-7494 Remote code execution from a writable share...

UBUNTU-CVE-2016-4536

The client in OpenAFS before 1.6.17 does not properly initialize the 1 AFSStoreStatus, 2 AFSStoreVolumeStatus, 3 VldbListByAttributes, and 4 ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic...

CVE-2016-0828

The BnGraphicBufferConsumer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not initialize a certain slot variable, which allows attackers to obtain sensitive information, and consequently bypass an...

DEBIAN-CVE-2015-8741

The dissectppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to cause a denial of service application crash via a crafted packet...

USN-2765-1 linux-lts-vivid vulnerability

Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service system crash...

DEBIAN-CVE-2015-6826

The ffrv34decodeinitthreadcopy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted 1 RV30 or 2 RV40 RealVideo dat...

UBUNTU-CVE-2015-6826

The ffrv34decodeinitthreadcopy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted 1 RV30 or 2 RV40 RealVideo dat...

Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory — Mozilla

Security researcher Kent Howard reported an Apple issue present in OS X 10.10 Yosemite where log files are created by the CoreGraphics framework of OS X in the /tmp local directory. These log files contain a record of all inputs into Mozilla programs during their operation. In versions of OS X fr...

DEBIAN-CVE-2013-4920

The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable, which allows remote attackers to cause a denial of service application crash via a crafted packet...

Scientific Linux Security Update : kernel on SL4.x i386/x86_64

These updated packages fix the following security issue : - a possible kernel memory leak was found in the Linux kernel Simple Internet Transition SIT INET6 implementation. This could allow a local unprivileged user to cause a denial of service. CVE-2008-2136, Important As well, these updated...

Fedora 13 : beanstalkd-1.4.6-1.fc13 (2010-9570)

Sat Jun 5 2010 Jeremy Hinegardner - 1.4.6-1 - update to upstream 1.4.6 - Mon Feb 22 2010 Jeremy Hinegardner - 1.4.3-2 - fix binlogdir location initialization for bug 55831 - Sun Feb 21 2010 Jeremy Hinegardner - 1.4.3-1 - update to upstream 1.4.3 - change default binlogdir in sysconfig file -...

FreeBSD : Samba 3.0.x password initialization bug (3388eff9-5d6e-11d8-80e3-0020ed76ef5a)

From the Samba 3.0.2 release notes : Security Announcement: It has been confirmed that previous versions of Samba 3.0 are susceptible to a password initialization bug that could grant an attacker unauthorized access to a user account created by the mksmbpasswd.sh shell script. %NASLMINLEVEL 70300...

Samba 3.0.x password initialization bug

From the Samba 3.0.2 release notes: Security Announcement: It has been confirmed that previous versions of Samba 3.0 are susceptible to a password initialization bug that could grant an attacker unauthorized access to a user account created by the mksmbpasswd.sh shell script...