CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

958 matches found

SUSE CVE•added 2023/02/15 6:3 a.m.•1 views

SUSE CVE-2009-1711

WebKit in Apple Safari before 4.0 does not properly initialize memory for Attr DOM objects, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted HTML document...

9.3CVSS7.6AI score0.064EPSS

Exploits2References6

SUSE CVE•added 2023/02/15 5:40 a.m.•1 views

SUSE CVE-2013-1728

The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors...

4.3CVSS8.5AI score0.01072EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 5:26 a.m.•0 views

SUSE CVE-2014-7942

The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

7.5CVSS9.4AI score0.02662EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 5:16 a.m.•1 views

SUSE CVE-2015-5229

The calloc function in the glibc package in Red Hat Enterprise Linux RHEL 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service hang or crash via unspecified vectors...

7.5CVSS6.8AI score0.01EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 5:5 a.m.•2 views

SUSE CVE-2016-2795

The graphite2::FileFace::gettablefn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other...

8.8CVSS7.2AI score0.00565EPSS

Exploits0References13

SUSE CVE•added 2023/02/15 5:3 a.m.•2 views

SUSE CVE-2016-4076

epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 2.0.x before 2.0.3 does not properly initialize memory for search patterns, which allows remote attackers to cause a denial of service application crash via a crafted packet...

5.9CVSS7.4AI score0.00168EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 3:50 a.m.•2 views

SUSE CVE-2021-1820

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory...

6.5CVSS6.2AI score0.0048EPSS

Exploits0References9

SUSE CVE•added 2023/02/15 3:35 a.m.•1 views

SUSE CVE-2022-0175

A flaw was found in the VirGL virtual OpenGL renderer virglrenderer. The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading t...

6.5CVSS6.3AI score0.0012EPSS

Exploits0References6

Ubuntu•added 2023/02/09 9:46 p.m.•64 views

USN-5859-1: Linux kernel (OEM) vulnerabilities

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-0179 It was discovered that the Netronome...

7.8CVSS7.2AI score0.00592EPSS

Exploits5

OSV•added 2023/02/09 9:46 p.m.•0 views

USN-5859-1 linux-oem-5.14 vulnerabilities

7.8CVSS6.9AI score0.00592EPSS

Exploits5References5

OpenVAS•added 2022/12/13 12:0 a.m.•22 views

Ubuntu: Security Advisory (USN-5773-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.3AI score0.0088EPSS

Exploits3References2

OSV•added 2022/12/08 3:3 a.m.•9 views

GSD-2022-1008083 Bluetooth: L2CAP: Fix attempting to access uninitialized memory

Bluetooth: L2CAP: Fix attempting to access uninitialized memory This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.154 by commit...

7.2AI score

Exploits0

Positive Technologies•added 2022/11/14 12:0 a.m.•2 views

PT-2022-34872 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7 Description: The issue is related to a missing memcpy in kasan init, which may potentially lead to security vulnerabilities. The actual impact and attack plausibility have not yet been proven...

7.3AI score

Exploits0References1

UbuntuCve•added 2022/11/10 8:15 p.m.•22 views

CVE-2022-39393

Wasmtime is a standalone runtime for WebAssembly. Prior to versions 2.0.2 and 1.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously ...

8.6CVSS7AI score0.00333EPSS

Exploits0References3

Positive Technologies•added 2022/11/05 12:0 a.m.•3 views

PT-2022-24952 · Wasmtime · Wasmtime

Name of the Vulnerable Software and Affected Versions: Wasmtime versions prior to 2.0.2 Description: There is a bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance, the initial heap snapshot of the prior instance can be...

8.6CVSS8.2AI score0.00333EPSS

Exploits0References17

CNNVD•added 2022/10/24 12:0 a.m.•1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly initializing memory. An attacker could exploit this vulnerability to execute arbitrary code in...

5.1CVSS6.6AI score0.00094EPSS

Exploits0References5

OSV•added 2022/10/21 2:24 p.m.•1 views

USN-5695-1 linux-gcp vulnerabilities

It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information kernel memory. CVE-2022-0812 Moshe Kol, Amit Klein and Yossi Gilad discovered tha...

8.2CVSS6.7AI score0.00442EPSS

Exploits1References10

Zero Day Initiative•added 2022/10/21 12:0 a.m.•18 views

Linux Kernel nftables Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

5.1CVSS3.9AI score0.00094EPSS

Exploits0References1

Zero Day Initiative•added 2022/10/14 12:0 a.m.•25 views

Altair HyperView Player H3D File Parsing Uninitialized Memory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Altair HyperView Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.7AI score0.00068EPSS

Exploits0References1

Ubuntu•added 2022/10/13 8:0 p.m.•57 views

USN-5678-1: Linux kernel vulnerabilities

8.2CVSS6.7AI score0.00442EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by