CVE-2023-31346

Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests...

CVE-2023-31346

CVE-2023-31346 is confirmed by connected advisories to affect linux-firmware related components and SEV firmware handling. The issue describes memory initialization failure in SEV firmware that may allow a privileged attacker to access stale data from other guests, impacting guest memory integrit...

CVE-2023-31346

Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests...

AMD SEV-SNP Security Vulnerability

AMD SEV-SNP is a secure encrypted virtualization firmware from UltraMicroelectronics AMD. A single key is used to encrypt system memory. A security vulnerability exists in AMD SEV-SNP that stems from a failure to initialize memory in the SEV firmware...

Autodesk AutoCAD SLDPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

CVE-2023-33060

Summary of CVE-2023-33060 (Transient DOS in Core when DDR memory check is called while DDR is not initialized) Multiple connected sources (NVD, Red Hat, AR/ENISA EUVD, etc.) align on a denial-of-service issue arising in the Core when a DDR memory check is performed before DDR initialization. Publ...

The vulnerability of the vhost_new_msg() function in the drivers/vhost/vhost.c file of the Linux kernel’s vhost driver allows a attacker to access protected information.

The vulnerability of the vhostnewmsg function in the drivers/vhost/vhost.c file of the Linux kernel’s vhost driver is related to improper initialization of memory for messages transmitted between host systems. Exploiting this vulnerability could allow an attacker to gain access to protected...

Linux kernel code issue vulnerability (CNVD-2024-06235)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A code issue vulnerability exists in the Linux kernel that stems from vhostnewmsg in drivers/vhost/vhost.c failing to properly initialize memory in messages passed between a...

CVE-2024-0340

A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This issue can allow local privileged users to read...

UBUNTU-CVE-2024-0340

A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This issue can allow local privileged users to read...

Design/Logic Flaw

A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This issue can allow local privileged users to read...

CVE-2024-0340

A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This issue can allow local privileged users to read...

CVE-2024-0340

CVE-2024-0340 is confirmed in the Linux kernel, affecting the vhost_new_msg path in drivers/vhost/vhost.c. The issue arises from memory not being properly initialized when building messages exchanged between virtual guests and the host via /dev/vhost-net, enabling local privileged users to read k...

CVE-2024-0340 Kernel: information disclosure in vhost/vhost.c:vhost_new_msg()

A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This issue can allow local privileged users to read...

PT-2023-31489 · Trimble · Trimble Sketchup Viewer

Name of the Vulnerable Software and Affected Versions: Trimble SketchUp Viewer affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this issue, where...

Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

PT-2024-12275

Name of the Vulnerable Software and Affected Versions SEV Firmware affected versions not specified Description The issue is related to the failure to initialize memory in SEV Firmware, which may allow a privileged attacker to access stale data from other guests. Recommendations At the moment, the...

Microsoft Excel SKP File Parsing Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Adobe Prelude MP4 File Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Prelude. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

Adobe Audition MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Audition. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...