Total
562 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-45616 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2025-01-02 | 3.9 Low |
| A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response APDU buffer and its length when communicating with the card. | ||||
| CVE-2024-45615 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2025-01-02 | 3.9 Low |
| A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized (as arguments to other functions, etc.). | ||||
| CVE-2023-36012 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-01 | 5.3 Medium |
| DHCP Server Service Information Disclosure Vulnerability | ||||
| CVE-2023-35326 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2025-01-01 | 5.5 Medium |
| Windows CDP User Components Information Disclosure Vulnerability | ||||
| CVE-2023-35325 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2025-01-01 | 7.5 High |
| Windows Print Spooler Information Disclosure Vulnerability | ||||
| CVE-2023-32042 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-01-01 | 6.5 Medium |
| OLE Automation Information Disclosure Vulnerability | ||||
| CVE-2023-32041 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2025-01-01 | 5.5 Medium |
| Windows Update Orchestrator Service Information Disclosure Vulnerability | ||||
| CVE-2023-29367 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2025-01-01 | 7.8 High |
| iSCSI Target WMI Provider Remote Code Execution Vulnerability | ||||
| CVE-2023-21753 | 1 Microsoft | 2 Windows 10, Windows Server 2019 | 2025-01-01 | 5.5 Medium |
| Event Tracing for Windows Information Disclosure Vulnerability | ||||
| CVE-2024-43458 | 1 Microsoft | 2 Windows 10 1607, Windows Server 2016 | 2024-12-31 | 7.7 High |
| Windows Networking Information Disclosure Vulnerability | ||||
| CVE-2024-38260 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-12-31 | 8.8 High |
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | ||||
| CVE-2024-38257 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h1 and 8 more | 2024-12-31 | 7.5 High |
| Microsoft AllJoyn API Information Disclosure Vulnerability | ||||
| CVE-2024-38256 | 1 Microsoft | 9 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 6 more | 2024-12-31 | 5.5 Medium |
| Windows Kernel-Mode Driver Information Disclosure Vulnerability | ||||
| CVE-2024-38254 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-12-31 | 5.5 Medium |
| Windows Authentication Information Disclosure Vulnerability | ||||
| CVE-2024-45618 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-12-26 | 3.9 Low |
| A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized. | ||||
| CVE-2024-9717 | 1 Trimble | 1 Sketchup Viewer | 2024-12-19 | 7.8 High |
| Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24101. | ||||
| CVE-2024-47540 | 2 Gstreamer Project, Redhat | 4 Gstreamer, Enterprise Linux, Rhel E4s and 1 more | 2024-12-18 | 9.8 Critical |
| GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. When size < 4, the program calls gst_buffer_unmap with an uninitialized map variable. Then, in the gst_memory_unmap function, the program will attempt to unmap the buffer using the uninitialized map variable, causing a function pointer hijack, as it will jump to mem->allocator->mem_unmap_full or mem->allocator->mem_unmap. This vulnerability could allow an attacker to hijack the execution flow, potentially leading to code execution. This vulnerability is fixed in 1.24.10. | ||||
| CVE-2018-9429 | 1 Google | 1 Android | 2024-12-18 | 6.5 Medium |
| In buildImageItemsIfPossible of ItemTable.cpp there is a possible out of bound read due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2018-9381 | 1 Google | 1 Android | 2024-12-18 | 7.5 High |
| In gatts_process_read_by_type_req of gatt_sr.c, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-21127 | 1 Google | 1 Android | 2024-12-18 | 8.8 High |
| In readSampleData of NuMediaExtractor.cpp, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-275418191 | ||||