AMD DXE Driver Security Vulnerability

AMD DXE driver is a driver from UltraMicroelectronics AMD. A security vulnerability exists in AMD DXE Driver, which stems from improper initialization of variables in the driver, and could allow a privileged user to disclose sensitive information via local access...

CVE-2020-22218

A flaw was found in the libssh2 library. An out-of-bounds access issue can occur due to an improper initialization of a variable, resulting in a crash in the application linked to the library...

SUSE CVE-2006-5754

The aiosetupring function in Linux kernel does not properly initialize a variable, which allows local users to cause a denial of service crash via an unspecified error path that causes an incorrect free operation...

CVE-2022-36349

Insecure default variable initialization in BIOS firmware for some IntelR NUC Boards and IntelR NUC Kits before version MYi30060 may allow an authenticated user to potentially enable denial of service via local access...

Default configuration

Insecure default variable initialization in BIOS firmware for some IntelR NUC Boards and IntelR NUC Kits before version MYi30060 may allow an authenticated user to potentially enable denial of service via local access...

CVE-2022-33716

An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local attacker to read uninitialized memory...

Information disclosure

An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local attacker to read uninitialized memory...

CVE-2021-1405

A flaw was found in clamav. The email parsing module could allow an unauthenticated, remote attacker to cause a denial of service condition due to improper variable initialization that may result in an NULL pointer read. The highest threat from this vulnerability is to system availability...

Information disclosure

Insecure default variable initialization of IntelR RealSenseTM ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access...

CVE-2021-33130

Insecure default variable initialization of IntelR RealSenseTM ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access...

CVE-2021-33130

Insecure default variable initialization of IntelR RealSenseTM ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access...

CVE-2021-33130

CVE-2021-33130 targets Intel RealSense ID Solution F450 before 2.6.0.74. The issue arises from insecure default variable initialization, potentially allowing an unauthenticated user to disclose information via physical access. Impact is described as partial confidentiality loss (C:H) with no inte...

Code injection

Acrobat Reader DC versions 22.001.20085 and earlier, 20.005.3031x and earlier and 17.012.30205 and earlier is affected by the use of a variable that has not been initialized when processing of embedded fonts, potentially resulting in arbitrary code execution in the context of the current user...

Constructor cannot be used in upgradeable contracts

Lines of code Vulnerability details Details As per OpenZeppelin’s documentation, “Due to a requirement of the proxy-based upgradeability system, no constructors can be used in upgradeable contracts.” reason being “the code within a logic contract’s constructor will never be executed in the contex...

CVE-2021-0144

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access...

CVE-2020-24455

Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3...

Privilege escalation

Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3...

CVE-2020-24455

Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3...

CVE-2020-24455

Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3...

CVE-2020-24455

Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3...