Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2019-2248)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-1118

The Linux kernel does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file...

(0Day) Microsoft Outlook HTML Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Outlook. User interaction is required to exploit this vulnerability in that the target must open an email. The specific flaw exists within the handling of HTML. The issue results fr...

Design/Logic Flaw

hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json...

CVE-2019-8629

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges...

CVE-2019-8552

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to elevate privileges...

CVE-2019-8540

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout...

CVE-2019-8504

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A local user may be able to read kernel memory...

CVE-2019-8540

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout...

CVE-2019-8552

CVE-2019-8552 is an Apple memory-init issue that is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, and watchOS 5.2. The vulnerability could allow a malicious application to elevate privileges due to improved memory handling. Affected products are iOS, macOS Mojave, tvOS, and watchOS as liste...

CVE-2019-8552

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to elevate privileges...

CVE-2019-8540

CVE-2019-8540 describes a memory initialization issue that could allow a malicious app to determine kernel memory layout. The issue is fixed in Apple platforms as follows: iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, and watchOS 5.2. The root cause is a memory initialization problem related to impr...

CVE-2019-8504

CVE-2019-8504 is an Apple memory initialization issue affecting the IOKit/kernel memory handling. The vulnerability could allow a local user to read kernel memory. The issue is addressed in official Apple advisories with patches in iOS 12.2 and macOS Mojave 10.14.4; multiple connected sources con...

Apple macOS fseventsd Uninitialized Buffer Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the fseventsd...

The vulnerability of the Remote Procedure Call component of the Windows operating system allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Remote Procedure Call component in the Windows operating system is related to errors in the initialization mechanisms for objects in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information through a specially crafted application...

CVE-2019-1409

An information disclosure vulnerability exists when the Windows Remote Procedure Call RPC runtime improperly initializes objects in memory, aka 'Windows Remote Procedure Call Information Disclosure Vulnerability'...

Windows Remote Procedure Call Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows Remote Procedure Call RPC runtime improperly initializes objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an...

EulerOS 2.0 SP3 : icu (EulerOS-SA-2019-2248)

According to the version of the icu packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The collator implementation in i18n/ucol.cpp in International Components for Unicode ICU 52 through SVN revision 293126, as used in Google Chrome befo...

CVE-2017-9788

It was discovered that the httpd's modauthdigest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to...

The vulnerability of the Windows operating system’s kernel allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows operating system’s kernel is related to memory initialization errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created application...