Lucene search
K

51 matches found

Microsoft CVE
Microsoft CVE
added 2021/06/22 7:0 a.m.2 views

net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.

...

5.5CVSS6.5AI score0.00472EPSS
Exploits1
OSV
OSV
added 2021/03/30 9:15 p.m.9 views

AZL-6551 CVE-2021-29648 affecting package kernel for versions less than 5.10.78.1-1

An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolvedids and resolvedsizes are intentionally uninitialized in the vmlinux BPF Type Format BTF, which can cause a system crash upon an unexpected access attempt in mapcreate in...

5.5CVSS6.7AI score0.00284EPSS
Exploits0References1
CNVD
CNVD
added 2019/09/24 12:0 a.m.6 views

Linux kernel information disclosure vulnerability (CNVD-2019-38261)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. An information disclosure vulnerability exists in Linux kernel versions prior to 5.2.14. The vulnerability stems from...

7.5CVSS7.3AI score0.02701EPSS
Exploits0References1
OSV
OSV
added 2019/07/08 6:15 p.m.5 views

CVE-2019-2104

In HIDL, safeunion, and other C++ structs/unions being sent to application processes, there are uninitialized fields. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

5.5CVSS6.7AI score0.0016EPSS
Exploits0References1
NVD
NVD
added 2019/07/08 6:15 p.m.19 views

CVE-2019-2104

In HIDL, safeunion, and other C++ structs/unions being sent to application processes, there are uninitialized fields. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

5.5CVSS5.2AI score0.0016EPSS
Exploits0References1
OSV
OSV
added 2017/08/29 1:35 a.m.1 views

DEBIAN-CVE-2017-13715

The skbflowdissect function in net/core/flowdissector.c in the Linux kernel before 4.3 does not ensure that nproto, ipproto, and thoff are initialized, which allows remote attackers to cause a denial of service system crash or possibly execute arbitrary code via a single crafted MPLS packet...

9.8CVSS8.2AI score0.09652EPSS
Exploits0References1
OSV
OSV
added 2017/08/29 1:35 a.m.3 views

UBUNTU-CVE-2017-13715

The skbflowdissect function in net/core/flowdissector.c in the Linux kernel before 4.3 does not ensure that nproto, ipproto, and thoff are initialized, which allows remote attackers to cause a denial of service system crash or possibly execute arbitrary code via a single crafted MPLS packet...

9.8CVSS7.2AI score0.09652EPSS
Exploits0References5
OSV
OSV
added 2016/08/05 8:59 p.m.2 views

UBUNTU-CVE-2016-3829

The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 does not initialize certain structure members, which allows remote attackers to cause a denial of service device hang or reboot via a crafted media file, aka internal bug 29023649...

5.5CVSS6.5AI score0.00683EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2015/09/01 12:0 a.m.1 views

PT-2015-3305 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.3 Description: The issue is related to the skb flow dissect function in net/core/flow dissector.c, which does not properly initialize n proto, ip proto, and thoff. This allows remote attackers to cause a denia...

10CVSS7.4AI score0.09652EPSS
Exploits1References22
OSV
OSV
added 2015/04/28 2:59 p.m.3 views

DEBIAN-CVE-2015-3340

Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a 1 XENDOMCTLgettscinfo or 2 XENSYSCTLgetdomaininfolist request...

2.9CVSS8.3AI score0.00793EPSS
Exploits0References1
OSV
OSV
added 2015/04/28 2:59 p.m.2 views

UBUNTU-CVE-2015-3340

Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a 1 XENDOMCTLgettscinfo or 2 XENSYSCTLgetdomaininfolist request...

2.9CVSS7.3AI score0.00793EPSS
Exploits0References3
Rows per page
Query Builder