ReportizFlow
Filtered by vendor
Subscriptions
Total
471 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-24448 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2024-11-21 | 3.3 Low |
| An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor. | ||||
| CVE-2022-23573 | 1 Google | 1 Tensorflow | 2024-11-21 | 7.6 High |
| Tensorflow is an Open Source Machine Learning Framework. The implementation of `AssignOp` can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized (to minimize number of allocations), but does not check that the right hand side is also initialized. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-22719 | 6 Apache, Apple, Debian and 3 more | 9 Http Server, Mac Os X, Macos and 6 more | 2024-11-21 | 7.5 High |
| A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier. | ||||
| CVE-2022-20357 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In writeToParcel of SurfaceControl.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-214999987 | ||||
| CVE-2022-20176 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| In auth_store of sjtag-driver.c, there is a possible read of uninitialized memory due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-197787879References: N/A | ||||
| CVE-2022-20119 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In private_handle_t of mali_gralloc_buffer.h, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-213170715References: N/A | ||||
| CVE-2022-20096 | 2 Google, Mediatek | 13 Android, Mt6765, Mt6768 and 10 more | 2024-11-21 | 4.4 Medium |
| In camera, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06419003; Issue ID: ALPS06419003. | ||||
| CVE-2022-20079 | 2 Google, Mediatek | 17 Android, Mt6781, Mt6785 and 14 more | 2024-11-21 | 4.4 Medium |
| In vow, there is a possible read of uninitialized data due to a improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05837742; Issue ID: ALPS05857289. | ||||
| CVE-2022-20018 | 2 Google, Mediatek | 33 Android, Mt6580, Mt6739 and 30 more | 2024-11-21 | 4.4 Medium |
| In seninf driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05863018; Issue ID: ALPS05863018. | ||||
| CVE-2022-20015 | 2 Google, Mediatek | 25 Android, Mt6739, Mt6757 and 22 more | 2024-11-21 | 4.4 Medium |
| In kd_camera_hw driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862966; Issue ID: ALPS05862966. | ||||
| CVE-2022-20008 | 1 Google | 1 Android | 2024-11-21 | 4.6 Medium |
| In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216481035References: Upstream kernel | ||||
| CVE-2022-0494 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2024-11-21 | 4.4 Medium |
| A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality. | ||||
| CVE-2022-0433 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2024-11-21 | 5.5 Medium |
| A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the map_get_next_key function of the BPF bloom filter. This flaw allows a local user to crash the system. This flaw affects Linux kernel versions prior to 5.17-rc1. | ||||
| CVE-2022-0115 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 8.8 High |
| Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | ||||
| CVE-2021-45703 | 1 Tectonic Xdv Project | 1 Tectonic Xdv | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the tectonic_xdv crate before 0.1.12 for Rust. XdvParser::<T>::process may read from uninitialized memory locations. | ||||
| CVE-2021-45694 | 1 Rdiff Project | 1 Rdiff | 2024-11-21 | 7.5 High |
| An issue was discovered in the rdiff crate through 2021-02-03 for Rust. Window may read from uninitialized memory locations. | ||||
| CVE-2021-45693 | 1 Messagepack-rs Project | 1 Messagepack-rs | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_string_primitive may read from uninitialized memory locations. | ||||
| CVE-2021-45692 | 1 Messagepack-rs Project | 1 Messagepack-rs | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_extension_others may read from uninitialized memory locations. | ||||
| CVE-2021-45691 | 1 Messagepack-rs Project | 1 Messagepack-rs | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_string may read from uninitialized memory locations. | ||||
| CVE-2021-45690 | 1 Messagepack-rs Project | 1 Messagepack-rs | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_binary may read from uninitialized memory locations. | ||||