USN-6760-1 gerbv vulnerability

George-Andrei Iosif and David Fernandez Gonzalez discovered that Gerbv did not properly initialize a data structure when parsing certain nested RS-274X format files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of servic...

CVE-2024-26713

...

SUSE CVE-2018-16058

In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure...

CVE-2017-15286

SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where sqlite3steppStmt==SQLITEROW is false and a data structure is never initialized...

DEBIAN-CVE-2016-4536

The client in OpenAFS before 1.6.17 does not properly initialize the 1 AFSStoreStatus, 2 AFSStoreVolumeStatus, 3 VldbListByAttributes, and 4 ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic...

CVE-2015-8324

The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service NULL pointer dereference and panic via a crafted USB device, related to the ext4fillsuper...

USN-2841-1 linux vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...

CVE-2015-2045

The HYPERVISORxenversion hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors...

CVE-2015-2188

epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet that is improperly...

CVE-2011-4576

OpenSSL CVE-2011-4576 affects SSL 3.0 padding initialization: the implementation does not properly initialize data structures for block cipher padding, allowing a remote attacker to potentially recover plaintext by decrypting the padding data. Affected releases: OpenSSL before 0.9.8s and 1.x befo...

kernel: sctp: do not reset the packet during sctp_packet_config

The sctppacketconfig function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service panic via a certain sequence of SCTP traffic...

security flaw

Real time clock RTC routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space...

CVE-2003-0984

Real time clock RTC routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space...