1102 matches found

BDU FSTEC
added 2024/10/18 12:00 a.m., 3 views

The vulnerability of the squashfs_read_inode() function in the squashfs file system of Linux kernels allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the squashfs_read_inode() function in the fs/squashfs/inode.c file of the squashfs file system in the Linux kernel is related to the use of an uninitialized variable. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

CVSS 7.8, AI score 6.7, EPSS 0.00299
Exploits 0, References 27, Affected Software 6
BDU FSTEC
added 2024/10/18 12:00 a.m., 2 views

The vulnerability of the setup_one_line() function in the Linux operating system’s kernel in the User-mode-Linux (UML) mode allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the setup_one_line() function in the arch/um/drivers/line.c module of the Linux kernel in the User-mode-Linux (UML) mode is related to the use of an uninitialized variable. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

CVSS 7.8, AI score 6.5, EPSS 0.00256
Exploits 0, References 25, Affected Software 5
BDU FSTEC
added 2024/10/18 12:00 a.m., 3 views

The vulnerability of the gue_gro_receive() function in the IPv4 implementation of the Linux operating system’s kernel allows an attacker to compromise the confidentiality and accessibility of the protected information.

The vulnerability of the gue_gro_receive() function in the net/ipv4/fou_core.c module, which is part of the Linux operating system’s IPv4 kernel implementation, relates to the use of an uninitialized variable. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and...

CVSS 7.1, AI score 6.7, EPSS 0.00227
Exploits 0, References 21, Affected Software 5
Zero Day Initiative
added 2024/10/15 12:00 a.m., 16 views

Delta Electronics CNCSoft-G2 DPAX File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8, AI score 6.8, EPSS 0.00247
Exploits 0, References 1
CNVD
added 2024/10/12 12:00 a.m., 6 views

Delta Electronics CNCSoft-G2 Uninitialized Variable Vulnerability

Delta Electronics CNCSoft-G2 is a human-machine interface (HMI) software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from an uninitialized variable vulnerability that can be exploited by an attacker to execute code in the context of the current process...

CVSS 8.4, AI score 7, EPSS 0.00247
Exploits 0, References 1
Zero Day Initiative
added 2024/10/11 12:00 a.m., 8 views

Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVSS 7.8, AI score 6.9, EPSS 0.00287
Exploits 0, References 1
Vulnrichment
added 2024/10/10 5:18 p.m., 10 views

CVE-2024-47966 Use of Uninitialized Variable vulnerability in Delta Electronics CNCSoft-G2

Delta Electronics CNCSoft-G2 lacks proper initialization of memory prior to accessing it. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process...

CVSS 8.4, AI score 7, EPSS 0.00247
Exploits 0, References 1
ICS
added 2024/10/10 6:00 a.m., 73 views

Delta Electronics CNCSoft-G2

1. EXECUTIVE SUMMARY: CVSS v4 8.4; ATTENTION: low attack complexity; Vendor: Delta Electronics; Equipment: CNCSoft-G2; Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Write, Heap-Based Buffer Overflow, Out-of-bounds Read, Use of Uninitialized Variable. 2. RISK EVALUATION...

CVSS 8.4, AI score 6.8, EPSS 0.03407
Exploits 0, References 10
CNNVD
added 2024/10/10 12:00 a.m., 0 views

Delta Electronics CNCSoft-G2 Security Vulnerability

Delta Electronics CNCSoft-G2 is a human-machine interface (HMI) software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from an uninitialized variable vulnerability that can be exploited by an attacker to execute code in the context of the current process...

CVSS 8.4, AI score 7.2, EPSS 0.00247
Exploits 0, References 2
OSV
added 2024/10/09 8:29 p.m., 19 views

GO-2024-3167 Golang FIPS OpenSSL has a Use of Uninitialized Variable vulnerability in github.com/golang-fips/openssl

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

CVSS 6.5, AI score 6.5, EPSS 0.00297
Exploits 0, References 3
Veracode
added 2024/10/06 7:11 p.m., 8 views

Use Of Uninitialized Variable

github.com/golang-fips/openssl is vulnerable to Use of Uninitialized Variable. The vulnerability is due to improper handling of uninitialized buffer lengths in FIPS mode, which can result in zeroed buffers being returned. This flaw allows an attacker to force false positive hash matches, send...

CVSS 6.5, AI score 6.7, EPSS 0.00297
Exploits 0, References 14, Affected Software 1
Cvelist
added 2024/10/04 12:29 p.m., 16 views

CVE-2024-9483 Uninitialized variable in digital signature verification may crash the application

A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature 24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing...

CVSS 5.1, EPSS 0.00133
Exploits 0, References 1
Github Security Blog
added 2024/10/01 9:31 p.m., 22 views

Golang FIPS OpenSSL has a Use of Uninitialized Variable vulnerability

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

CVSS 6.5, AI score 6.8, EPSS 0.00297
Exploits 0, References 18, Affected Software 1
OSV
added 2024/10/01 9:31 p.m., 15 views

GHSA-3H3X-2HWV-HR52 Golang FIPS OpenSSL has a Use of Uninitialized Variable vulnerability

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

CVSS 7.6, AI score 6.5, EPSS 0.00297
Exploits 0, References 18
Positive Technologies
added 2024/09/30 12:00 a.m., 2 views

PT-2024-9585 · Gstreamer +8

Name of the Vulnerable Software and Affected Versions: GStreamer versions prior to 1.24.10. Description: GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matroska_demux_add_wvpk_header function...

CVSS 9.8, AI score 6.8, EPSS 0.01344
Exploits 3, References 202
RedHat Linux
added 2024/09/24 12:40 a.m., 3 views

kernel: mptcp: ensure snd_una is properly initialized on connect

A vulnerability was found in the Linux kernel's match component in the initialization of the snd_una variable while establishing a connection. The issue arises when retransmission occurs after a fallback, leaving the snd_una sequence number uninitialized, leading to unpredictable behavior and...

CVSS 5.5, AI score 7.2, EPSS 0.00265
Exploits 0, References 5
CNVD
added 2024/09/23 12:00 a.m., 7 views

PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability

PDF-XChange Editor is a PDF editor software and PDF reader. PDF-XChange Editor RTF file parsing has an uninitialized variable remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

CVSS 7.8, AI score 8.3, EPSS 0.00382
Exploits 0, References 1
Cvelist
added 2024/09/18 7:12 a.m., 23 views

CVE-2024-46794 x86/tdx: Fix data leak in mmio_read()

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmio_read(). The mmio_read() function makes a TDVMCALL to retrieve MMIO data for an address from the VMM. Sean noticed that mmio_read() unintentionally exposes the value of an initialized variable (val) on the stack...

EPSS 0.00197
Exploits 0, References 4
Zero Day Initiative
added 2024/09/17 12:00 a.m., 8 views

PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

CVSS 7.8, AI score 6.9, EPSS 0.00382
Exploits 0, References 1
BDU FSTEC
added 2024/09/17 12:00 a.m., 3 views

The vulnerability of the H5A__attr_release_table() function in the H5Aint.c file of the HDF5 library allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the H5A__attr_release_table() function in the H5Aint.c file of the HDF5 library is related to the use of an uninitialized variable. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected informati...

CVSS 10, AI score 7.5, EPSS 0.00951
Exploits 0, References 4, Affected Software 3