Code injection

The rstrbuffini function in radare2 2.5.0 allows remote attackers to cause a denial of service invalid free and application crash via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/analavr.c...

CVE-2018-11383

The rstrbuffini function in radare2 2.5.0 allows remote attackers to cause a denial of service invalid free and application crash via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/analavr.c...

UBUNTU-CVE-2018-11383

The rstrbuffini function in radare2 2.5.0 allows remote attackers to cause a denial of service invalid free and application crash via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/analavr.c...

CVE-2018-11383

CVE-2018-11383 affects radare2 up to version 2.5.0, where the r_strbuf_fini() function may crash the application or cause an invalid free via a crafted ELF file due to an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c. The vulnerability is confirmed across multiple sources; ...

CVE-2018-11383

The rstrbuffini function in radare2 2.5.0 allows remote attackers to cause a denial of service invalid free and application crash via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/analavr.c...

oniguruma: Out-of-bounds heap write in bitset_set_range()

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect...

Design/Logic Flaw

In the KGSL driver function gpuobjmapuseraddr in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-12, the contents of the stack can get leaked due to an uninitialized variable...

CVE-2017-14891

CVE-2017-14891 affects the KGSL driver function _gpuobj_map_useraddr() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-12. The issue is an uninitialized variable that can leak stack contents, causing information disclosure. The vulnerability is tied to the kernel/driver sta...

CVE-2017-14891

In the KGSL driver function gpuobjmapuseraddr in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-12, the contents of the stack can get leaked due to an uninitialized variable...

Microsoft Office Web Apps Server 2013 RCE And Information Disclosure Vulnerabilities (KB4011692)

This host is missing an important security update according to Microsoft KB4011692 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Code injection

An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.662 and earlier allows a local low privileged user to gain elevation of privileges on Windows 7 32 and 64bit, and denial of service for Windows 8 and 10...

CVE-2018-6947

An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.662 and earlier allows a local low privileged user to gain elevation of privileges on Windows 7 32 and 64bit, and denial of service for Windows 8 and 10...

Microsoft Office 2013 Service Pack 1 Information Disclosure Vulnerability (KB3172459)

This host is missing an important security update according to Microsoft KB3172459 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft Office Information Disclosure Vulnerability

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the...

Updated libexif packages fix security vulnerability

A vulnerability was found in libexif. The vulnerability is caused by an integer overflow. In some cases, the integer overflow can cause Heap Out-of-Bounds Read, i.e. Heap Buffer Overflow vulnerability. In some other cases, the integer overflow can cause use of uninitialized pointer variable, i.e...

Microsoft Windows - 'jscript!JsArraySlice' Uninitialized Variable

var x = new URIErrornew Array, undefined, undefined; String.prototype.localeCompare.callx, new Date0, 0, 0, 0, 0, 0, undefined; Array.prototype.slice.call1; !-- ============================================ Technical details: The issue is in jscript!JsArraySlice Array.prototype.slice.call in the P...

WIndows jscript!JsArraySlice Uninitialized Variable

Windows: Uninitialized variable in jscript!JsArraySlice CVE-2017-11855 There is an uninitialized variable vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors: - By opening a malicious web page in Internet Explorer. - currently untested An attacker on t...

CVE-2017-15996

elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service excessive memory allocation or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper...

DEBIAN-CVE-2017-15996

elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service excessive memory allocation or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper...

CVE-2017-15996

elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service excessive memory allocation or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper...