Lucene search
K

11 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:51 a.m.3 views

SUSE CVE-2011-3207

crypto/x509/x509vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past...

5CVSS6.9AI score0.05012EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:38 a.m.4 views

SUSE CVE-2013-2234

The 1 keynotifysaflush and 2 keynotifypolicyflush functions in net/key/afkey.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of ...

2.1CVSS6AI score0.00552EPSS
Exploits1References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:38 a.m.3 views

SUSE CVE-2013-2547

The cryptoreportone function in crypto/cryptouser.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMI...

2.1CVSS5.3AI score0.00388EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.4 views

SUSE CVE-2013-4934

The netmonopen function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service application crash via a crafted packet-trace file...

4.3CVSS7.3AI score0.02886EPSS
Exploits0References4
OSV
OSV
added 2016/08/05 8:59 p.m.3 views

CVE-2016-3829

The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 does not initialize certain structure members, which allows remote attackers to cause a denial of service device hang or reboot via a crafted media file, aka internal bug 29023649...

5.5CVSS7.3AI score0.00683EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2013/11/20 4:35 p.m.3 views

wireshark: DoS (application crash) in the Netmon file parser (wnpa-sec-2013-51) (A different flaw than CVE-2013-4933)

The netmonopen function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service application crash via a crafted packet-trace file...

4.3CVSS5.9AI score0.02886EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/05/20 4:44 p.m.4 views

kernel: crypto: info leaks in report API

The cryptoreportone function in crypto/cryptouser.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMI...

2.1CVSS7.1AI score0.00388EPSS
Exploits1References4
OSV
OSV
added 2011/09/22 10:55 a.m.1 views

DEBIAN-CVE-2011-3207

crypto/x509/x509vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past...

5CVSS7.6AI score0.05012EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2011/01/11 7:44 p.m.2 views

kernel: net/sched/act_police.c infoleak

The tcfactpolicedump function in net/sched/actpolice.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel...

2.1CVSS6.2AI score0.00404EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2010/11/10 7:0 p.m.5 views

kernel: net/sched/act_police.c infoleak

The tcfactpolicedump function in net/sched/actpolice.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel...

2.1CVSS6.2AI score0.00404EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2010/10/14 3:26 p.m.10 views

kernel: wireless: fix 64K kernel heap content leak via ioctl

The cfg80211wextgiwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctlstandardiwpoint function in net/wireless/wext-core.c, an...

2.1CVSS7.4AI score0.00415EPSS
Exploits0References4
Rows per page
Query Builder