Common Weakness Enumeration

CWE-824

Allowed

Access of Uninitialized Pointer

Abstraction: Base · Status: Incomplete

The product accesses or uses a pointer that has not been initialized.

451 vulnerabilities reference this CWE, most recent first.

GHSA-6HFQ-XHJQ-23GJ

Vulnerability from github – Published: 2023-05-12 21:30 – Updated: 2024-04-04 04:04
VLAI
Details

A malicious actor may convince a user to open a malicious USD file that may trigger an uninitialized pointer which could result in code execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-25007"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-12T21:15:09Z",
    "severity": "HIGH"
  },
  "details": "A malicious actor may convince a user to open a malicious USD file that may trigger an uninitialized pointer which could result in code execution.",
  "id": "GHSA-6hfq-xhjq-23gj",
  "modified": "2024-04-04T04:04:48Z",
  "published": "2023-05-12T21:30:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25007"
    },
    {
      "type": "WEB",
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0008"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6HWP-64JX-RMG2

Vulnerability from github – Published: 2026-01-22 18:30 – Updated: 2026-01-22 18:30
VLAI
Details

VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively), as well as VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively), contain a vulnerability in their virtual audio drivers (vbvoicemeetervaio64.sys, vbmatrixvaio64.sys, vbaudio_vmauxvaio.sys, vbaudio_vmvaio.sys, and vbaudio_vmvaio3*.sys). When a handle is opened with a special file attribute value, the drivers improperly initialize FILE_OBJECT->FsContext to a non-pointer magic value. If subsequent operations are not handled by the VB-Audio driver and are forwarded down the audio driver stack (e.g., via PortCls to ks.sys), the invalid FsContext value can be dereferenced, causing a kernel crash (BSoD), typically SYSTEM_SERVICE_EXCEPTION with STATUS_ACCESS_VIOLATION. This flaw allows a local unprivileged user to trigger a denial-of-service on affected Windows systems.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-23761"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-22T17:16:37Z",
    "severity": "MODERATE"
  },
  "details": "VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively), as well as VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively), contain a vulnerability in their virtual audio drivers (vbvoicemeetervaio64*.sys, vbmatrixvaio64*.sys, vbaudio_vmauxvaio*.sys, vbaudio_vmvaio*.sys, and vbaudio_vmvaio3*.sys). When a handle is opened with a special file attribute value, the drivers improperly initialize FILE_OBJECT-\u003eFsContext to a non-pointer magic value. If subsequent operations are not handled by the VB-Audio driver and are forwarded down the audio driver stack (e.g., via PortCls to ks.sys), the invalid FsContext value can be dereferenced, causing a kernel crash (BSoD), typically SYSTEM_SERVICE_EXCEPTION with STATUS_ACCESS_VIOLATION. This flaw allows a local unprivileged user to trigger a denial-of-service on affected Windows systems.",
  "id": "GHSA-6hwp-64jx-rmg2",
  "modified": "2026-01-22T18:30:41Z",
  "published": "2026-01-22T18:30:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23761"
    },
    {
      "type": "WEB",
      "url": "https://forum.vb-audio.com/viewtopic.php?p=7527#p7527"
    },
    {
      "type": "WEB",
      "url": "https://forum.vb-audio.com/viewtopic.php?p=7574#p7574"
    },
    {
      "type": "WEB",
      "url": "https://github.com/emkaix/security-research/tree/main/CVE-2026-23761"
    },
    {
      "type": "WEB",
      "url": "https://vb-audio.com"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/vb-audio-voicemeeter-and-matrix-drivers-dos-via-improper-file-object-fscontext-initialization"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6M45-RHXG-8QPR

Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30
VLAI
Details

Ashlar-Vellum Cobalt AR File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of AR files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20408.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-35715"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-03T02:15:33Z",
    "severity": "HIGH"
  },
  "details": "Ashlar-Vellum Cobalt AR File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20408.",
  "id": "GHSA-6m45-rhxg-8qpr",
  "modified": "2024-05-03T03:30:52Z",
  "published": "2024-05-03T03:30:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35715"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-878"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6P5R-G9MQ-GGH2

Vulnerability from github – Published: 2021-08-25 14:42 – Updated: 2024-11-13 20:52
VLAI
Summary
Reference binding to nullptr in `MatrixSetDiagV*` ops
Details

Impact

An attacker can cause undefined behavior via binding a reference to null pointer in all operations of type tf.raw_ops.MatrixSetDiagV*:

import tensorflow as tf

tf.raw_ops.MatrixSetDiagV3(
  input=[1,2,3],
  diagonal=[1,1],
  k=[],
  align='RIGHT_LEFT')

The implementation has incomplete validation that the value of k is a valid tensor. We have check that this value is either a scalar or a vector, but there is no check for the number of elements. If this is an empty tensor, then code that accesses the first element of the tensor is wrong:

  auto& diag_index = context->input(1);
  ...
  lower_diag_index = diag_index.flat<int32>()(0);

Patches

We have patched the issue in GitHub commit ff8894044dfae5568ecbf2ed514c1a37dc394f1b.

The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.

For more information

Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.

Attribution

This vulnerability has been reported by members of the Aivul Team from Qihoo 360.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.3.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.4.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.5.0"
            },
            {
              "fixed": "2.5.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2.5.0"
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.3.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.4.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.5.0"
            },
            {
              "fixed": "2.5.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2.5.0"
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.3.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.4.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.5.0"
            },
            {
              "fixed": "2.5.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2.5.0"
      ]
    }
  ],
  "aliases": [
    "CVE-2021-37658"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-24T13:11:42Z",
    "nvd_published_at": "2021-08-12T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nAn attacker can cause undefined behavior via binding a reference to null pointer in all operations of type `tf.raw_ops.MatrixSetDiagV*`:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.MatrixSetDiagV3(\n  input=[1,2,3],\n  diagonal=[1,1],\n  k=[],\n  align=\u0027RIGHT_LEFT\u0027)\n```\n  \nThe  [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/linalg/matrix_diag_op.cc) has incomplete validation that the value of `k` is a valid tensor. We have check that this value is either a scalar or a vector, but there is no check for the number of elements. If this is an empty tensor, then code that accesses the first element of the tensor is wrong: \n\n```cc \n  auto\u0026 diag_index = context-\u003einput(1);\n  ...\n  lower_diag_index = diag_index.flat\u003cint32\u003e()(0);\n```\n  \n### Patches\nWe have patched the issue in GitHub commit [ff8894044dfae5568ecbf2ed514c1a37dc394f1b](https://github.com/tensorflow/tensorflow/commit/ff8894044dfae5568ecbf2ed514c1a37dc394f1b).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.",
  "id": "GHSA-6p5r-g9mq-ggh2",
  "modified": "2024-11-13T20:52:53Z",
  "published": "2021-08-25T14:42:49Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6p5r-g9mq-ggh2"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37658"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/commit/ff8894044dfae5568ecbf2ed514c1a37dc394f1b"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-571.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-769.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-280.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/tensorflow/tensorflow"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Reference binding to nullptr in `MatrixSetDiagV*` ops"
}

GHSA-6R97-FP62-RH53

Vulnerability from github – Published: 2022-05-24 17:40 – Updated: 2022-05-24 17:40
VLAI
Details

An uninitialized pointer issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-22639"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-01-27T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "An uninitialized pointer issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).",
  "id": "GHSA-6r97-fp62-rh53",
  "modified": "2022-05-24T17:40:28Z",
  "published": "2022-05-24T17:40:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22639"
    },
    {
      "type": "WEB",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-026-01"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-098"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-6RRF-JVV2-V2HC

Vulnerability from github – Published: 2025-08-13 15:30 – Updated: 2025-11-03 21:34
VLAI
Details

A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-32451"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-13T14:15:31Z",
    "severity": "HIGH"
  },
  "details": "A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.",
  "id": "GHSA-6rrf-jvv2-v2hc",
  "modified": "2025-11-03T21:34:21Z",
  "published": "2025-08-13T15:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32451"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2202"
    },
    {
      "type": "WEB",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2202"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7273-HMFQ-X6VX

Vulnerability from github – Published: 2022-06-03 00:01 – Updated: 2022-06-11 00:00
VLAI
Details

The affected product is vulnerable to an out-of-bounds write via uninitialized pointer, which may allow an attacker to execute arbitrary code.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-28690"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787",
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-02T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "The affected product is vulnerable to an out-of-bounds write via uninitialized pointer, which may allow an attacker to execute arbitrary code.",
  "id": "GHSA-7273-hmfq-x6vx",
  "modified": "2022-06-11T00:00:24Z",
  "published": "2022-06-03T00:01:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28690"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-146-02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75XC-FV5M-PPRR

Vulnerability from github – Published: 2026-04-21 15:32 – Updated: 2026-06-30 03:36
VLAI
Details

Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-6748"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-457",
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-21T13:16:20Z",
    "severity": "CRITICAL"
  },
  "details": "Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10.",
  "id": "GHSA-75xc-fv5m-pprr",
  "modified": "2026-06-30T03:36:19Z",
  "published": "2026-04-21T15:32:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6748"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19464"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19465"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19466"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19467"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19468"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19469"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19542"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19655"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19704"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-6748"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2022604"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460103"
    },
    {
      "type": "WEB",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6748.json"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-30"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-32"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-33"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-34"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:10757"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:10766"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:10767"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:12285"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:13537"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:15892"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:17477"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:17687"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:17688"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:17689"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:17690"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19041"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19131"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19201"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19348"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19461"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19462"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19463"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-76W2-8WCP-PFV6

Vulnerability from github – Published: 2022-05-24 17:43 – Updated: 2022-05-24 17:43
VLAI
Details

An uninitialized pointer may be exploited in Fatek FvDesigner Version 1.5.76 and prior while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-22670"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-03-03T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "An uninitialized pointer may be exploited in Fatek FvDesigner Version 1.5.76 and prior while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.",
  "id": "GHSA-76w2-8wcp-pfv6",
  "modified": "2022-05-24T17:43:33Z",
  "published": "2022-05-24T17:43:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22670"
    },
    {
      "type": "WEB",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-056-02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-777P-GW55-Q56C

Vulnerability from github – Published: 2022-05-02 03:18 – Updated: 2022-05-02 03:18
VLAI
Details

The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2009-0846"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-04-09T00:30:00Z",
    "severity": "HIGH"
  },
  "details": "The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.",
  "id": "GHSA-777p-gw55-q56c",
  "modified": "2022-05-02T03:18:41Z",
  "published": "2022-05-02T03:18:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0846"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10694"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5483"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6301"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.vmware.com/pipermail/security-announce/2009/000059.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=124896429301168\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0409.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0410.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34594"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34598"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34617"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34622"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34628"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34630"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34637"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34640"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34734"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/35074"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/35667"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200904-09.xml"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3549"
    },
    {
      "type": "WEB",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm"
    },
    {
      "type": "WEB",
      "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html"
    },
    {
      "type": "WEB",
      "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html"
    },
    {
      "type": "WEB",
      "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-002.txt"
    },
    {
      "type": "WEB",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0058"
    },
    {
      "type": "WEB",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396120"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/662091"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:098"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0408.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/502527/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/502546/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/504683/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/34409"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1021994"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-755-1"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/security/advisories/VMSA-2009-0008.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/0960"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/0976"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/1057"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/1106"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/1297"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/2084"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/2248"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.