Microsoft Excel XLS File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS...

CVE-2020-16901

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...

CVE-2020-16901

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...

Information disclosure

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...

CVE-2020-9964

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 14.0 and iPadOS 14.0. A local user may be able to read kernel memory...

CVE-2020-9964

CVE-2020-9964 describes a memory initialization issue in iOS/iPadOS that could allow a local user to read kernel memory. Apple attributes the fix to iOS 14.0 and iPadOS 14.0 with improved memory handling. Connected sources corroborate the vulnerability as an Apple memory initialization/out-of-bou...

PT-2020-4274 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: An information disclosure issue exists due to the Windows kernel's improper initialization of objects in memory. To exploit this, an authenticated attacker could run a specially crafted...

PT-2020-6454 · Apple · Ipados +3

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.0.1 watchOS versions prior to 7.1 iOS versions prior to 12.4.9 and prior to 14.2 watchOS versions prior to 6.2.9 and prior to 5.3.9 macOS Catalina versions prior to 10.15.7 Supplemental Update and prior to 10.15.7...

PT-2020-20901 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 14.0 iPadOS versions prior to 14.0 Description: A memory initialization issue was addressed with improved memory handling, allowing a local user to potentially read kernel memory. Recommendations: For iOS versions prior ...

CVE-2020-1592

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...

Microsoft Windows/Windows Server Information Disclosure Vulnerability (CNVD-2021-63312)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, an operating system for personal devices, and Microsoft Windows Server, a server operating system. Microsoft Windows/Windows Server is vulnerable to an information disclosure vulnerability that originates...

PT-2020-3908 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: An information disclosure issue exists due to improper initialization of objects in memory by the Windows kernel. To exploit this, an authenticated attacker could run a specially crafted...

USN-4488-1 xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04 vulnerabilities

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attacker could possibly use this issue to escalate privileges. CVE-2020-14346 Jan-Niklas Sohn discovered that the X.Org X Server incorrectly initialized memory. A local attacker could...

The vulnerability of the X Window System Xorg-server, related to improper memory initialization, allows an attacker to cause a leak of part of the server’s memory for the Xorg-server client.

The vulnerability of the X Window System Xorg-server is related to incorrect memory initialization. Exploiting this vulnerability can allow an attacker to cause a leak of part of the server’s memory for the Xorg-server client...

DEBIAN-CVE-2020-14347

A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable...

CVE-2020-14347

CVE-2020-14347 affects the X.Org X server (xorg-server): a flaw that leaks uninitialized heap memory from the server to clients, potentially enabling information disclosure and, in elevated-privilege setups, ASLR bypass. Affected releases include Xorg-server prior to a patched version; multiple a...

CVE-2020-14347

A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable...

X.Org Server Pixel Data Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processi...

CVE-2020-14347

A flaw was found in the way the Xserver memory was not properly initialized. This issue leak parts of server memory to the X client. In cases where the Xorg server runs with elevated privileges, this flaw results in a possible ASLR bypass...

USN-4440-1 linux-hwe, linux-aws-5.3, linux-azure-5.3, linux-gcp-5.3, linux-gke-5.3, linux-hwe, linux-oracle-5.3, linux-raspi2-5.3 vulnerabilities

It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service system crash. CVE-2019-16089 It was discovered that the kernel-user space relay...