1102 matches found
CVE-2024-7541
CVE-2024-7541 concerns oFono, specifically the AT+CMT Command parsing flaw. The vulnerability arises from uninitialized memory access during response parsing, enabling local attackers with code execution context as root when combined with other weaknesses. Affected component is oFono’s modem AT+C...
CVE-2024-7540 oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability
oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
CVE-2024-7540 oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability
oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
CVE-2024-7540
CVE-2024-7540 concerns oFono’s AT CMGL command handling. The issue stems from uninitialized memory during parsing of AT+CMGL responses, which can allow a local attacker who already has code execution on the target modem to disclose sensitive information and potentially escalate to root. Affected ...
CVE-2024-33021 Use of Uninitialized Variable in Automotive GPU
Memory corruption while processing IOCTL call to set metainfo...
oFono 安全漏洞
oFono is an open source telephony communication framework open-sourced by UBports. A security vulnerability exists in oFono that stems from an uninitialized variable vulnerability found in the AT CMT Command module...
oFono 安全漏洞
oFono is an open source telephony communication framework open-sourced by UBports. A security vulnerability exists in oFono that stems from an uninitialized variable vulnerability found in the AT CMGR Command module...
(0Day) (Pwn2Own) oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of responses from AT+CM...
oFono 安全漏洞
oFono is an open source telephony communication framework open-sourced by UBports. A security vulnerability exists in oFono that stems from an uninitialized variable vulnerability found in the AT CMGL Command module...
Unspecified vulnerability in Linux kernel (CNVD-2024-35101)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the bpf module in the BPFCOREREADBITFIELD macro, where the variable val may be uninitialized. This could...
kernel: i40e: fix vf may be used uninitialized in this function warning
A flaw was found in the Linux kernel’s Ethernet Controller XL710 family driver. This flaw allows a local user to crash the system...
PDF-XChange Editor Uninitialized Variable Vulnerability (CNVD-2024-33518)
PDF-XChange Editor is a PDF-XChange company running on Microsoft Windows systems in the PDF file viewer software. An uninitialized variable vulnerability exists in PDF-XChange Editor, which can be exploited by attackers to disclose sensitive information...
PDF-XChange Editor Uninitialized Variable Vulnerability
PDF-XChange Editor is a PDF-XChange company running on Microsoft Windows systems in the PDF file viewer software. An uninitialized variable vulnerability exists in PDF-XChange Editor, which can be exploited by an attacker to disclose sensitive information...
Kofax Power PDF Uninitialized Variable Remote Code Execution Vulnerability
Kofax Power PDF is a professional PDF editing and management software from Kofax. Kofax Power PDF has an uninitialized variable remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code...
CVE-2024-37002
A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process...
Autodesk AutoCAD SLDPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
RHEL 8 : mingw-wavpack (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wavpack: Use of uninitialized variable in WavpackSetConfiguration64 leads to DoS CVE-2019-11498 - The...
(Pwn2Own) VMware Workstation hgfsVMCI_fileread Use of Uninitialized Variable Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...
RHEL 9 : vim (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - vim: buffer overflow CVE-2020-20703 - vim: Heap based buffer overflow in findfile.c CVE-2021-3973 - vim i...
CVE-2021-34951
Foxit PDF Reader Annotation Use of Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target...