Code injection

The graphite2::FileFace::gettablefn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other...

CVE-2016-2795

The graphite2::FileFace::gettablefn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other...

CVE-2016-2795

Graphite 2 vulnerability CVE-2016-2795 affects the Graphite font engine library. The function graphite2::FileFace::get_table_fn in Graphite 2 before 1.3.6 does not initialize memory for an unspecified data structure, enabling a remote attacker to cause denial of service (and possibly other impact...

CVE-2016-0828

The BnGraphicBufferConsumer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not initialize a certain slot variable, which allows attackers to obtain sensitive information, and consequently bypass an...

Arbitrary Code Execution Vulnerability in Multiple Adobe Products (CNVD-2016-01539)

Adobe Acrobat DC, etc. are the United States of America Auduby Adobe company's products. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF.Classic and Continuous are Acrobat DC and Acrobat Reader DC product download center to provid...

Fedora 23 : xen-4.5.2-6.fc23 (2015-d8253e2b1d)

paravirtualized drivers incautious about shared memory contents XSA-155, CVE-2015-8550 qemu-dm buffer overrun in MSI-X handling XSA-164, CVE-2015-8554 information leak in legacy x86 FPU/XMM initialization XSA-165, CVE-2015-8555 ioreq handling possibly susceptible to multiple read issue XSA-166 No...

Lexmark Printer Competitive Conditions Vulnerability

Lexmark printer is a printer product from Lexmark, USA. A competitive condition vulnerability exists in the initialization process of the Lexmark printer. A remote attacker can bypass authentication via incorrect detection of security-jumper state...

CVE-2016-1896

Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypass authentication by leveraging incorrect detection of the security-jumper status...

CVE-2016-1614

The UnacceleratedImageBufferSurface class in WebKit/Source/platform/graphics/UnacceleratedImageBufferSurface.cpp in Blink, as used in Google Chrome before 48.0.2564.82, mishandles the initialization mode, which allows remote attackers to obtain sensitive information from process memory via a...

Design/Logic Flaw

The UnacceleratedImageBufferSurface class in WebKit/Source/platform/graphics/UnacceleratedImageBufferSurface.cpp in Blink, as used in Google Chrome before 48.0.2564.82, mishandles the initialization mode, which allows remote attackers to obtain sensitive information from process memory via a...

UBUNTU-CVE-2016-1614

The UnacceleratedImageBufferSurface class in WebKit/Source/platform/graphics/UnacceleratedImageBufferSurface.cpp in Blink, as used in Google Chrome before 48.0.2564.82, mishandles the initialization mode, which allows remote attackers to obtain sensitive information from process memory via a...

CVE-2016-1614

The UnacceleratedImageBufferSurface class in WebKit/Source/platform/graphics/UnacceleratedImageBufferSurface.cpp in Blink, as used in Google Chrome before 48.0.2564.82, mishandles the initialization mode, which allows remote attackers to obtain sensitive information from process memory via a...

we7cms directory traversal vulnerability

we7cms is a content management system based on asp.net development. The we7cms V3.0 system has multiple directory traversal vulnerabilities that can be exploited by attackers to obtain sensitive information through database initialization and table building statements...

DEBIAN-CVE-2015-8741

The dissectppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to cause a denial of service application crash via a crafted packet...

CVE-2015-6471

Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and IdeaPLUS relays does not properly initialize padding fields in Ethernet packets, which allows remote attackers to obtain sensitive information by reading packet data...

USN-2843-2 linux-lts-wily vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...

information leak in legacy x86 FPU/XMM initialization

ISSUE DESCRIPTION When XSAVE/XRSTOR are not in use by Xen to manage guest extended register state, the initial values in the FPU stack and XMM registers seen by the guest upon first use are those left there by the previous user of those registers. IMPACT A malicious domain may be able to leverage...

USN-2841-1 linux vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...

kernel: Unauthorized access to IPC objects with SysV shm

A race condition flaw was found in the way the Linux kernel's IPC subsystem initialized certain fields in an IPC object structure that were later used for permission checking before inserting the object into a globally visible list. A local, unprivileged user could potentially use this flaw to...

CVE-2015-7054

zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafted web site...