Mozilla: Uninitialized variable leads to invalid memory read
The Mozilla Foundation Security Advisory describes this flaw as: A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption...
Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2023-06866)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a buffer overflow vulnerability that originates from a possible memory corruption when manipulating webp images. An attacker could use the vulnerability to cause...
Mozilla Firefox Buffer Error Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security vulnerability exists in Mozilla Firefox, which originates from an invalid memory read due to an uninitialized variable...
Security Vulnerabilities fixed in Firefox 101 — Mozilla
A malicious website could have learned the size of a cross-origin resource that supported Range requests. A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. When exiting fullscreen mode, an iframe could have...
CVE-2022-27794
Acrobat Reader DC versions 22.001.20085 and earlier, 20.005.3031x and earlier and 17.012.30205 and earlier are affected by the use of a variable that has not been initialized when processing embedded fonts, potentially resulting in arbitrary code execution in the context of the current user...
CVE-2022-27794
CVE-2022-27794 affects Adobe Acrobat Reader DC and related products, where a variable not initialized while parsing embedded fonts can lead to arbitrary code execution in the context of the current user. The exploitation requires user interaction (the user must open a crafted PDF). Affected produ...
CVE-2022-27794 Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability
Acrobat Reader DC versions 22.001.20085 and earlier, 20.005.3031x and earlier and 17.012.30205 and earlier are affected by the use of a variable that has not been initialized when processing embedded fonts, potentially resulting in arbitrary code execution in the context of the current user...
EulerOS Virtualization 3.0.2.0 : vim (EulerOS-SA-2022-1699)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3872, CVE-2021-3927, CVE-2021-3984, CVE-2021-4019, CVE-2022-0213 - vim is...
CVE-2022-28488
The function wav_format_write in libwav.c in libwav through 2017-04-20 has a Use of Uninitialized Variable vulnerability...
Design/Logic Flaw
The function wav_format_write in libwav.c in libwav through 2017-04-20 has a Use of Uninitialized Variable vulnerability...
CVE-2022-28488
The CVE-2022-28488 entry concerns the libwav project: the function wav_format_write in libwav.c (libwav up to 2017-04-20) contains a use of uninitialized variable vulnerability. Public references (NVD, Red Hat, CVE List, CVELIST, CNNVD) confirm this vulnerability description. The connected docume...
EulerOS Virtualization 2.10.0 : vim (EulerOS-SA-2022-1415)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3778, CVE-2021-3872, CVE-2021-3875, CVE-2021-3903, CVE-2021-3927,...
EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2022-1389)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3778, CVE-2021-3872, CVE-2021-3875, CVE-2021-3903, CVE-2021-3927,...
Debian DLA-2947-1 : vim - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2947 advisory. Multiple security vulnerabilities have been discovered in vim, an enhanced vi editor. Buffer overflows, out-of-bounds reads and Null pointer dereferences may lead ...
SUSE SLED15 / SLES15 Security Update : vim (SUSE-SU-2022:0736-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0736-1 advisory. - CVE-2022-0318: Fixed heap-based buffer overflow bsc1195004. - CVE-2021-3796: Fixed use-after-free in nvrepla...
openSUSE 15 Security Update : vim (openSUSE-SU-2022:0736-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0736-1 advisory. - CVE-2022-0318: Fixed heap-based buffer overflow bsc1195004. - CVE-2021-3796: Fixed use-after-free in nvreplace in normal.c bsc1190570. -...