PT-2023-7341 · Perl +3 · Perl +3

Name of the Vulnerable Software and Affected Versions: Perl version 5.34.0 Description: The issue is related to the S find uninit var function in the sv.c file of the Perl interpreter, which is associated with a buffer overflow. This can allow a remote attacker to execute arbitrary code or lead t...

PDF-XChange Editor PDF File Parsing Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVE-2023-38226 ZDI-CAN-21240: Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability

Adobe Acrobat Reader versions 23.003.20244 and earlier and 20.005.30467 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a...

CVE-2023-38234 ZDI-CAN-21359: Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability

Adobe Acrobat Reader versions 23.003.20244 and earlier and 20.005.30467 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a...

CVE-2023-38234 ZDI-CAN-21359: Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability

Adobe Acrobat Reader versions 23.003.20244 and earlier and 20.005.30467 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a...

CVE-2023-3488 Uninitialized variable in Gecko Bootloader can leak secure stack

Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file...

CVE-2023-21618 ZDI-CAN-20963: Adobe Substance 3D Designer SBS File Parsing Uninitialized Variable Remote Code Execution Vulnerability

Adobe Substance 3D Designer version 12.4.1 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-32573

A vulnerability was found in qt. The security flaw occurs due to uninitialized variable usage in munitsPerEm...

CVE-2023-29278 ZDI-CAN-20371: Adobe Substance 3D Painter GLTF File Parsing Uninitialized Variable Information Disclosure Vulnerability

Adobe Substance 3D Painter versions 8.3.0 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-29278 ZDI-CAN-20371: Adobe Substance 3D Painter GLTF File Parsing Uninitialized Variable Information Disclosure Vulnerability

Adobe Substance 3D Painter versions 8.3.0 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-29286 ZDI-CAN-20369: Adobe Substance 3D Painter USD File Parsing Uninitialized Variable Information Disclosure Vulnerability

Adobe Substance 3D Painter versions 8.3.0 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2023-29286 ZDI-CAN-20369: Adobe Substance 3D Painter USD File Parsing Uninitialized Variable Information Disclosure Vulnerability

Adobe Substance 3D Painter versions 8.3.0 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

Adobe Substance 3D Painter GLTF File Parsing Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Substance 3D Painter. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

Adobe Substance 3D Painter USD File Parsing Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Substance 3D Painter. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

Use Of Uninitialized Variable

linux-gke is vulnerable to Use of Uninitialized Variable. The vulnerability allows users with the ability to execute high-privileged code to exploit the flaws within 'nftosfeval function' causing a lack of proper initialization of memory prior to accessing it resulting in the attacker gaining...

SecurePoint UTM 12.x Memory Leak

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: SecurePoint UTM Vendor URL: https://www.securepoint.de/en/for-companies/firewall-vpn Type: Use of Uninitialized Variable CWE-457 Date found: 2023-01-05 Date published: 2023-04-12 CVSSv3 Scor...

CVE-2023-25010

A malicious actor may convince a victim to open a malicious USD file that may trigger an uninitialized variable which may result in code execution...

CVE-2023-25010

A malicious actor may convince a victim to open a malicious USD file that may trigger an uninitialized variable which may result in code execution...