CVE-2018-4431

A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2...

CVE-2018-4413

A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1...

CVE-2018-4421

A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1...

CVE-2018-4351

A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14...

Memory corruption

A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1...

CVE-2018-4431

CVE-2018-4431 refers to a kernel memory initialization issue addressed by Apple via memory handling improvements. Affected products/versions include iOS

CVE-2018-4421

CVE-2018-4421 is an Apple macOS security issue described as a memory initialization problem resolved by improved memory handling, affecting versions prior to macOS Mojave 10.14.1. Connected Red Hat and Apple entries confirm the vulnerability relates to the Intel Graphics Driver (IOAccelerator/IGA...

CVE-2018-4351

CVE-2018-4351 is a memory initialization issue in Apple macOS Mojave’s Intel Graphics Driver. The vulnerability permits local attackers to read restricted memory due to improper memory initialization, affecting macOS versions prior to Mojave 10.14. Related sources describe exploitation in the con...

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1156)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel through 4.19. An information leak in cdromioctlselectdisc in drivers/cdrom/cdrom.c could be used by...

CVE-2019-1761

A vulnerability in the Hot Standby Router Protocol HSRP subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due to insufficient memory initialization. An attacker...

Cisco IOS and IOS XE HSRP Information Disclosure Vulnerability

Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network devices. A security vulnerability exists in the Hot Standby Router Protocol subsystem in Cisco IOS and IOS XE, which arises from a program's failure to adequately initialize memory. An attacker could exploit th...

CVE-2018-12204

Improper memory initialization in Platform Sample/Silicon Reference firmware IntelR Server Board, IntelR Server System and IntelR Compute Module may allow privileged user to potentially enable an escalation of privilege via local access...

UBUNTU-CVE-2018-12204

Improper memory initialization in Platform Sample/Silicon Reference firmware IntelR Server Board, IntelR Server System and IntelR Compute Module may allow privileged user to potentially enable an escalation of privilege via local access...

CVE-2018-12204

Improper memory initialization in Platform Sample/Silicon Reference firmware IntelR Server Board, IntelR Server System and IntelR Compute Module may allow privileged user to potentially enable an escalation of privilege via local access...

KB4467696: Windows 10 Version 1703 November 2018 Security Update

The remote Windows host is missing security update 4467696. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists in Microsoft JScript that could allow an attacker to bypass Device Guard. CVE-2018-8417 - A remote code execution vulnerability...

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...

Android - binder Use-After-Free via racy Initialization of ->allow_user_free

The following bug report solely looks at the situation on the upstream master branch; while from a cursory look, at least the wahoo kernel also looks affected, I have only properly tested this on upstream master. The binder driver permits userspace to free buffers in the kernel-managed shared...

Android - binder Use-After-Free via racy Initialization of -allow_user_free

Android - binder Use-After-Free via racy Initialization of -allowuserfree The following bug report solely looks at the situation on the upstream master branch; while from a cursory look, at least the wahoo kernel also looks affected, I have only properly tested this on upstream master. The binder...

Android - binder Use-After-Free via racy Initialization of ->allow_user_free Exploit

Android - binder Use-After-Free via racy Initialization of -allowuserfree Exploit The following bug report solely looks at the situation on the upstream master branch; while from a cursory look, at least the wahoo kernel also looks affected, I have only properly tested this on upstream master. Th...

CVE-2019-0663

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from...