984 matches found
ROS-20241021-03
Vulnerability of the tic4xprintcond function of the opcodes/tic4x-dis.c component of the GNU development tool Binutils is related to memory initialization errors. Exploitation of the vulnerability allows an attacker, acting remotely, to gain access to confidential data...
SUSE CVE-2024-47728
In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARGPTRTOLONG,INT args in case of error For all non-tracing helpers which formerly had ARGPTRTOLONG,INT as input arguments, zero the value for the case of an error as otherwise it could leak memory. For tracing, i...
AZL-50703 CVE-2024-47728 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARGPTRTOLONG,INT args in case of error For all non-tracing helpers which formerly had ARGPTRTOLONG,INT as input arguments, zero the value for the case of an error as otherwise it could leak memory. For tracing, i...
AZL-50972 CVE-2024-47728 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARGPTRTOLONG,INT args in case of error For all non-tracing helpers which formerly had ARGPTRTOLONG,INT as input arguments, zero the value for the case of an error as otherwise it could leak memory. For tracing, i...
CVE-2024-47966
Delta Electronics CNCSoft-G2 lacks proper initialization of memory prior to accessing it. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process...
CVE-2024-47966
Delta Electronics CNCSoft-G2 contains a Use of Uninitialized Variable (CWE-457) flaw tracked as CVE-2024-47966. The issue affects the CNCSoft-G2 HMI and is triggered by uninitialized memory accessed during parsing or processing, enabling remote code execution when a user opens a malicious page or...
CVE-2024-47966 Use of Uninitialized Variable vulnerability in Delta Electronics CNCSoft-G2
Delta Electronics CNCSoft-G2 lacks proper initialization of memory prior to accessing it. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process...
CVE-2024-44154
A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted file may lead to unexpected app termination...
About the security content of macOS Sequoia 15
About the security content of macOS Sequoia 15 This document describes the security content of macOS Sequoia 15. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...
CVE-2024-7541
oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
CVE-2024-7540
oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
CVE-2024-7541
oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
CVE-2024-7542
oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
CVE-2024-7542 oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability
oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
CVE-2024-7542
CVE-2024-7542 concerns oFono and the AT+CMGR handling logic. The flaw is described as an uninitialized memory access during parsing of AT CMGR command responses, enabling a local attacker who can execute code on the target modem to disclose sensitive information and potentially execute arbitrary ...
CVE-2024-7542 oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability
oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
CVE-2024-7541
oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
CVE-2024-7541
CVE-2024-7541 concerns oFono, specifically the AT+CMT Command parsing flaw. The vulnerability arises from uninitialized memory access during response parsing, enabling local attackers with code execution context as root when combined with other weaknesses. Affected component is oFono’s modem AT+C...
CVE-2024-7540
CVE-2024-7540 concerns oFono’s AT CMGL command handling. The issue stems from uninitialized memory during parsing of AT+CMGL responses, which can allow a local attacker who already has code execution on the target modem to disclose sensitive information and potentially escalate to root. Affected ...
CVE-2024-7540 oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability
oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...