Total
99 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4081 | 5 Debian, Linux, Opensuse and 2 more | 8 Debian Linux, Linux Kernel, Opensuse and 5 more | 2025-04-11 | N/A |
| The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call. | ||||
| CVE-2009-3228 | 3 Canonical, Linux, Redhat | 8 Ubuntu Linux, Linux Kernel, Enterprise Linux and 5 more | 2025-04-09 | N/A |
| The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. | ||||
| CVE-2005-1036 | 2 Amd, Freebsd | 2 Amd64, Freebsd | 2025-04-03 | 7.8 High |
| FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges. | ||||
| CVE-2024-27913 | 1 Frrouting | 1 Frrouting | 2025-03-26 | 6.2 Medium |
| ospf_te_parse_te in ospfd/ospf_te.c in FRRouting (FRR) through 9.1 allows remote attackers to cause a denial of service (ospfd daemon crash) via a malformed OSPF LSA packet, because of an attempted access to a missing attribute field. | ||||
| CVE-2024-52870 | 2025-01-17 | 7.1 High | ||
| Teradata Vantage Editor 1.0.1 is mostly intended for SQL database access and docs.teradata.com access, but provides unintended functionality (including Chromium Developer Tools) that can result in a client user accessing arbitrary remote websites. | ||||
| CVE-2024-32945 | 1 Mattermost | 1 Mattermost Mobile | 2024-11-21 | 2.6 Low |
| Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state which allows an attacker to change the contents of a LateX post, by creating another post with specific macro definitions. | ||||
| CVE-2022-29968 | 3 Fedoraproject, Linux, Netapp | 13 Fedora, Linux Kernel, H300s and 10 more | 2024-11-21 | 7.8 High |
| An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private. | ||||
| CVE-2022-22815 | 3 Debian, Python, Redhat | 3 Debian Linux, Pillow, Enterprise Linux | 2024-11-21 | 6.5 Medium |
| path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. | ||||
| CVE-2022-22704 | 2 Alpinelinux, Zabbix | 2 Alpine Linux, Zabbix-agent2 | 2024-11-21 | 9.8 Critical |
| The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would (in effect) determine part of the configuration. | ||||
| CVE-2022-1016 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 5.5 Medium |
| A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. | ||||
| CVE-2022-0382 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7 bytes, and the user cannot control what is read. This flaw affects the Linux kernel versions prior to 5.17-rc1. | ||||
| CVE-2022-0175 | 2 Redhat, Virglrenderer Project | 2 Enterprise Linux, Virglrenderer | 2024-11-21 | 5.5 Medium |
| A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading to information disclosure. | ||||
| CVE-2021-3655 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2024-11-21 | 3.3 Low |
| A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. | ||||
| CVE-2021-39966 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.5 High |
| There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2021-36513 | 1 Signalwire | 1 Freeswitch | 2024-11-21 | 7.5 High |
| An issue was discovered in function sofia_handle_sip_i_notify in sofia.c in SignalWire freeswitch before 1.10.6, may allow attackers to view sensitive information due to an uninitialized value. | ||||
| CVE-2021-36386 | 3 Fedoraproject, Fetchmail, Redhat | 3 Fedora, Fetchmail, Enterprise Linux | 2024-11-21 | 7.5 High |
| report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any realistic platform results in an impact beyond an inconvenience to the client user. | ||||
| CVE-2021-34693 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 5.5 Medium |
| net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. | ||||
| CVE-2021-31919 | 1 Rkyv Project | 1 Rkyv | 2024-11-21 | 7.5 High |
| An issue was discovered in the rkyv crate before 0.6.0 for Rust. When an archive is created via serialization, the archive content may contain uninitialized values of certain parts of a struct. | ||||
| CVE-2021-29980 | 2 Mozilla, Redhat | 5 Firefox, Firefox Esr, Thunderbird and 2 more | 2024-11-21 | 8.8 High |
| Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91. | ||||
| CVE-2021-29647 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624. | ||||