Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not initializing the name field of the fscryptstr structure in the readalloconename function, resulting in t...

Fortinet Fortigate Access to NULL pointer in SSL VPN portal (FG-IR-22-086)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-086 advisory. - A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 throug...

Adobe Media Encoder < 15.4 Multiple Vulnerabilities (APSB21-43) (macOS)

The version of Adobe Media Encoder installed on the remote macOS host is prior to 15.4. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB21-43 advisory. - Adobe Media Encoder version 15.2 and earlier is affected by a memory corruption vulnerability when parsing a...

PT-2024-39517 · Irfan Skiljan · Irfanview

Name of the Vulnerable Software and Affected Versions: IrfanView affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this, where the target must visit a malicious...

IrfanView SID File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SID files...

CVE-2024-47411

Animate versions 23.0.7, 24.0.4 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-47411

Animate versions 23.0.7, 24.0.4 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-47411

Adobe Animate versions 23.0.7, 24.0.4 and earlier are affected by CVE-2024-47411 (Access of Uninitialized Pointer), which could allow arbitrary code execution in the context of the current user. The vulnerability requires user interaction, as a victim must open a malicious file. The root cause is...

CVE-2024-47411 Animate | Access of Uninitialized Pointer (CWE-824)

Animate versions 23.0.7, 24.0.4 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-47411 Animate | Access of Uninitialized Pointer (CWE-824)

Animate versions 23.0.7, 24.0.4 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

The vulnerability of the SPRT sniffer of the Wireshark computer network traffic analyzer allows a hacker to cause a service failure.

The vulnerability of the SPRT sniffer in the Wireshark computer network traffic analyzer relates to access to an uninitialized pointer. Exploiting this vulnerability can allow a hacker to cause a service failure by sending specially crafted RTP packets...

ROS-20241001-08

Vulnerability of SPRT dissector of Wireshark computer network traffic analyzer related to access to an uninitialized pointer. uninitialized pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service via packet injection or a specially crafted capture...

SUSE CVE-2024-46844

In the Linux kernel, the following vulnerability has been resolved: um: line: always fill errorout in setuponeline The pointer isn't initialized by callers, but I have encountered cases where it's still printed; initialize it in all possible cases in setuponeline...

AZL-49797 CVE-2024-46844 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: um: line: always fill errorout in setuponeline The pointer isn't initialized by callers, but I have encountered cases where it's still printed; initialize it in all possible cases in setuponeline...

UBUNTU-CVE-2024-46844

In the Linux kernel, the following vulnerability has been resolved: um: line: always fill errorout in setuponeline The pointer isn't initialized by callers, but I have encountered cases where it's still printed; initialize it in all possible cases in setuponeline...

CVE-2024-46856 net: phy: dp83822: Fix NULL pointer dereference on DP83825 devices

In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83822: Fix NULL pointer dereference on DP83825 devices The probe function is only used for DP83822 and DP83826 PHY, leaving the private data pointer uninitialized for the DP83825 models which causes a NULL pointer...

kernel: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc

A vulnerability was found in the Linux kernel's amdgpu driver in the amdgpuvceringparsecs function where the size variable is initialized with a pointer that may not be properly set before use. This issue could lead to unpredictable behavior in the system...

kernel: HID: i2c-hid-of: fix NULL-deref on failed power up

In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid-of: fix NULL-deref on failed power up A while back the I2C HID implementation was split in an ACPI and OF part, but the new OF driver never initialises the client pointer which is dereferenced on power-up failures...

The vulnerability of the Windows Networking (WNet) service in Windows operating systems, which allows a perpetrator to disclose protected information

The vulnerability of the Windows Networking WNet service in Windows operating systems is related to the use of an uninitialized pointer. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by this service...

The vulnerability of the h5tools_str_sprint() function in the h5tools_str.c file of the HDF5 library allows a attacker to cause a service failure.

The vulnerability of the h5toolsstrsprint function in the h5toolsstr.c file of the HDF5 library is related to the access to an uninitialized pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...