EulerOS 2.0 SP5 : vim (EulerOS-SA-2022-1283)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3927, CVE-2021-3984, CVE-2021-4019 - vim is vulnerable to Use of Uninitialized Variable...

EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-1260)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3903, CVE-2021-3927 - vim is vulnerable to Use of Uninitialized Variable CVE-2021-3928 Not...

EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-1248)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3903, CVE-2021-3927 - vim is vulnerable to Use of Uninitialized Variable CVE-2021-3928 Not...

EulerOS 2.0 SP3 : vim (EulerOS-SA-2022-1193)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3778, CVE-2021-3872, CVE-2021-3927 - vim is vulnerable to Use After Free CVE-2021-3796,...

Amazon Linux 2 : vim, --advisory ALAS2-2022-1743 (ALAS-2022-1743)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1743 advisory. vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3903 A flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a...

MGASA-2022-0056 Updated php-adodb packages fix security vulnerability

Security hotfix release addressing a critical vulnerability in PostgreSQL connections CVE-2021-3850 Additional fixes: Fix usage of getmagic functions 619 657 Fix PHP warning in rs2rs function 679 pdo: Fix Fatal error in query 666 pdo: Fix undefined variable 678 pgsql: Fix Fatal error in close...

EulerOS Virtualization 3.0.6.0 : libwebp (EulerOS-SA-2022-1081)

According to the versions of the libwebp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ShiftBytes. The highest threat...

GHSA-Q85F-69Q7-55H2 Uninitialized variable access in Tensorflow

Impact The implementation of AssignOp can result in copying unitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized to minimize number of allocations, but does not check that the right hand...

AlmaLinux 8 : wavpack (ALSA-2020:1581)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:1581 advisory. - The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource exhaustion...

CVE-2022-23573 Uninitialized variable access in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of AssignOp can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized to minimize number of...

CVE-2022-23573 Uninitialized variable access in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of AssignOp can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized to minimize number of...

Bentley View JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

Bentley MicroStation CONNECT JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-1040)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3872, CVE-2021-3875, CVE-2021-3903, CVE-2021-3927 - vim is vulnerable to Use of...

EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-1020)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3872, CVE-2021-3875, CVE-2021-3903, CVE-2021-3927 - vim is vulnerable to Use of...

Reolink RLC-410W device TestEmail out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the device TestEmail functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted network request can lead to an out-of-bounds write. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Reolink...

Amazon Linux AMI : vim (ALAS-2022-1557)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1557 advisory. 2024-05-09: CVE-2020-20703 was added to this advisory. Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter. CVE-2020-20703...

Uninitialized variable bug in Exiv2

...

CVE-2021-43746 Adobe Premiere Rush MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

Adobe Premiere Rush versions 1.5.16 and earlier allows access to an uninitialized pointer vulnerability that allows remote attackers to disclose sensitive information on affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious pa...

CVE-2021-43030 Adobe Premiere Rush MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

Adobe Premiere Rush versions 1.5.16 and earlier allows access to an uninitialized pointer vulnerability that allows remote attackers to disclose arbitrary data on affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...