Total
286 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-45689 | 1 Gfx-auxil Project | 1 Gfx-auxil | 2022-01-06 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the gfx-auxil crate through 2021-01-07 for Rust. gfx_auxil::read_spirv may read from uninitialized memory locations. | |||||
| CVE-2021-45688 | 1 Ash Project | 1 Ash | 2022-01-06 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the ash crate before 0.33.1 for Rust. util::read_spv may read from uninitialized memory locations. | |||||
| CVE-2020-36511 | 1 Bite Project | 1 Bite | 2022-01-06 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the bite crate through 2020-12-31 for Rust. read::BiteReadExpandedExt::read_framed_max may read from uninitialized memory locations. | |||||
| CVE-2020-36514 | 1 Acc Reader Project | 1 Acc Reader | 2022-01-06 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. fill_buf may read from uninitialized memory locations. | |||||
| CVE-2021-45686 | 1 Csv-sniffer Project | 1 Csv-sniffer | 2022-01-06 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the csv-sniffer crate through 2021-01-05 for Rust. preamble_skipcount may read from uninitialized memory locations. | |||||
| CVE-2021-45685 | 1 Columnar Project | 1 Columnar | 2022-01-06 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the columnar crate through 2021-01-07 for Rust. ColumnarReadExt::read_typed_vec may read from uninitialized memory locations. | |||||
| CVE-2021-45684 | 1 Flumedb Project | 1 Flumedb | 2022-01-06 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the flumedb crate through 2021-01-07 for Rust. read_entry may read from uninitialized memory locations. | |||||
| CVE-2021-45683 | 1 Binjs Io Project | 1 Binjs Io | 2022-01-06 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the binjs_io crate through 2021-01-03 for Rust. The Read method may read from uninitialized memory locations. | |||||
| CVE-2021-45682 | 1 Bronzedb-protocol Project | 1 Bronzedb-protocol | 2022-01-06 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the bronzedb-protocol crate through 2021-01-03 for Rust. ReadKVExt may read from uninitialized memory locations. | |||||
| CVE-2018-25023 | 1 Servo | 1 Smallvec | 2022-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the smallvec crate before 0.6.13 for Rust. It can create an uninitialized value of any type, including a reference type. | |||||
| CVE-2019-18602 | 2 Debian, Openafs | 2 Debian Linux, Openafs | 2022-01-01 | 5.0 MEDIUM | 7.5 HIGH |
| OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer. | |||||
| CVE-2019-18603 | 2 Debian, Openafs | 2 Debian Linux, Openafs | 2022-01-01 | 4.3 MEDIUM | 5.9 MEDIUM |
| OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error conditions because uninitialized RPC output variables are sent over the network to a peer. | |||||
| CVE-2020-0006 | 1 Google | 1 Android | 2022-01-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| In rw_i93_send_cmd_write_single_block of rw_i93.cc, there is a possible information disclosure of heap memory due to uninitialized data. This could lead to remote information disclosure in the NFC server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-139738828 | |||||
| CVE-2020-0007 | 1 Google | 1 Android | 2022-01-01 | 2.1 LOW | 5.5 MEDIUM |
| In flattenString8 of Sensor.cpp, there is a possible information disclosure of heap memory due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-141890807 | |||||
| CVE-2020-6792 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Thunderbird | 2022-01-01 | 4.3 MEDIUM | 4.3 MEDIUM |
| When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird < 68.5. | |||||
| CVE-2020-6793 | 1 Mozilla | 1 Thunderbird | 2022-01-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| When processing an email message with an ill-formed envelope, Thunderbird could read data from a random memory location. This vulnerability affects Thunderbird < 68.5. | |||||
| CVE-2020-20739 | 3 Debian, Fedoraproject, Libvips Project | 3 Debian Linux, Fedora, Libvips | 2022-01-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address. | |||||
| CVE-2020-17482 | 1 Powerdns | 1 Authoritative | 2022-01-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. | |||||
| CVE-2021-29631 | 1 Freebsd | 1 Freebsd | 2021-12-14 | 7.2 HIGH | 7.8 HIGH |
| In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE before r370399, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, certain VirtIO-based device models in bhyve failed to handle errors when fetching I/O descriptors. A malicious guest may cause the device model to operate on uninitialized I/O vectors leading to memory corruption, crashing of the bhyve process, and possibly arbitrary code execution in the bhyve process. | |||||
| CVE-2021-30578 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2021-12-08 | 6.8 MEDIUM | 8.8 HIGH |
| Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. | |||||