openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2021:2774-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

RUSTSEC-2018-0022 Use of uninitialized memory in temporary

Uninit memory is used as a RNG seed in temporary The following function is used as a way to get entropy from the system, which does operations on and exposes uninit memory, which is UB. rust fn randomseed: &Path, : &str - u64; 2 use std::mem::uninitialized as rand; unsafe rand:: ^ 0x12345678,...

Microsoft Windows - 'nt!NtQueryAttributesFile' Kernel Stack Memory Disclosure

/ We have discovered that the nt!NtQueryAttributesFile system call invoked with paths of certain kernel objects discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects Windows 7 to 10, 32/64-bit. The paths that we have observed to trigger the leak in our test...

Mozilla: Vulnerabilities found through code inspection (MFSA 2015-66)

The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors...