Search
Total
110 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-8378 | 1 Microsoft | 9 Excel Viewer, Office, Office Compatibility Pack and 6 more | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office. | |||||
| CVE-2018-6132 | 1 Google | 1 Chrome | 2020-08-24 | 4.3 MEDIUM | 4.3 MEDIUM |
| Uninitialized data in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. | |||||
| CVE-2018-3970 | 1 Sophos | 1 Hitmanpro.alert | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to trigger this vulnerability. | |||||
| CVE-2018-3989 | 2 Microsoft, Wibu | 2 Windows, Wibukey | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400).A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to trigger this vulnerability. | |||||
| CVE-2018-20992 | 1 Claxon Project | 1 Claxon | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the claxon crate before 0.4.1 for Rust. Uninitialized memory can be exposed because certain decode buffer sizes are mishandled. | |||||
| CVE-2018-20029 | 3 Dokan-dev, Microsoft, Nomachine | 3 Dokanfs, Windows 10, Nomachine | 2020-08-24 | 4.9 MEDIUM | 5.5 MEDIUM |
| The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows local users to cause a denial of service (BSOD) because uninitialized memory can be read. | |||||
| CVE-2018-19974 | 1 Virustotal | 1 Yara | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack (not the YARA virtual stack). | |||||
| CVE-2019-20785 | 1 Google | 1 Android | 2020-04-24 | 4.6 MEDIUM | 6.8 MEDIUM |
| An issue was discovered on LG mobile devices with Android OS 8.0 and 8.1 software for the DTAG carrier. RILD in the radio layer uses an uninitialized variable. The LG ID is LVE-SMP-180013 (January 2019). | |||||
| CVE-2020-0048 | 1 Google | 1 Android | 2020-03-11 | 2.1 LOW | 5.5 MEDIUM |
| In onTransact of IAudioFlinger.cpp, there is a possible stack information leak due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139417189 | |||||
| CVE-2020-0049 | 1 Google | 1 Android | 2020-03-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| In onReadBuffer() of StreamingSource.cpp, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140177694 | |||||