CWE-824
AllowedAccess of Uninitialized Pointer
Abstraction: Base · Status: Incomplete
The product accesses or uses a pointer that has not been initialized.
451 vulnerabilities reference this CWE, most recent first.
GHSA-6HFQ-XHJQ-23GJ
Vulnerability from github – Published: 2023-05-12 21:30 – Updated: 2024-04-04 04:04A malicious actor may convince a user to open a malicious USD file that may trigger an uninitialized pointer which could result in code execution.
{
"affected": [],
"aliases": [
"CVE-2023-25007"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-12T21:15:09Z",
"severity": "HIGH"
},
"details": "A malicious actor may convince a user to open a malicious USD file that may trigger an uninitialized pointer which could result in code execution.",
"id": "GHSA-6hfq-xhjq-23gj",
"modified": "2024-04-04T04:04:48Z",
"published": "2023-05-12T21:30:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25007"
},
{
"type": "WEB",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0008"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6HWP-64JX-RMG2
Vulnerability from github – Published: 2026-01-22 18:30 – Updated: 2026-01-22 18:30VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively), as well as VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively), contain a vulnerability in their virtual audio drivers (vbvoicemeetervaio64.sys, vbmatrixvaio64.sys, vbaudio_vmauxvaio.sys, vbaudio_vmvaio.sys, and vbaudio_vmvaio3*.sys). When a handle is opened with a special file attribute value, the drivers improperly initialize FILE_OBJECT->FsContext to a non-pointer magic value. If subsequent operations are not handled by the VB-Audio driver and are forwarded down the audio driver stack (e.g., via PortCls to ks.sys), the invalid FsContext value can be dereferenced, causing a kernel crash (BSoD), typically SYSTEM_SERVICE_EXCEPTION with STATUS_ACCESS_VIOLATION. This flaw allows a local unprivileged user to trigger a denial-of-service on affected Windows systems.
{
"affected": [],
"aliases": [
"CVE-2026-23761"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-22T17:16:37Z",
"severity": "MODERATE"
},
"details": "VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively), as well as VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively), contain a vulnerability in their virtual audio drivers (vbvoicemeetervaio64*.sys, vbmatrixvaio64*.sys, vbaudio_vmauxvaio*.sys, vbaudio_vmvaio*.sys, and vbaudio_vmvaio3*.sys). When a handle is opened with a special file attribute value, the drivers improperly initialize FILE_OBJECT-\u003eFsContext to a non-pointer magic value. If subsequent operations are not handled by the VB-Audio driver and are forwarded down the audio driver stack (e.g., via PortCls to ks.sys), the invalid FsContext value can be dereferenced, causing a kernel crash (BSoD), typically SYSTEM_SERVICE_EXCEPTION with STATUS_ACCESS_VIOLATION. This flaw allows a local unprivileged user to trigger a denial-of-service on affected Windows systems.",
"id": "GHSA-6hwp-64jx-rmg2",
"modified": "2026-01-22T18:30:41Z",
"published": "2026-01-22T18:30:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23761"
},
{
"type": "WEB",
"url": "https://forum.vb-audio.com/viewtopic.php?p=7527#p7527"
},
{
"type": "WEB",
"url": "https://forum.vb-audio.com/viewtopic.php?p=7574#p7574"
},
{
"type": "WEB",
"url": "https://github.com/emkaix/security-research/tree/main/CVE-2026-23761"
},
{
"type": "WEB",
"url": "https://vb-audio.com"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/vb-audio-voicemeeter-and-matrix-drivers-dos-via-improper-file-object-fscontext-initialization"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-6M45-RHXG-8QPR
Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30Ashlar-Vellum Cobalt AR File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of AR files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20408.
{
"affected": [],
"aliases": [
"CVE-2023-35715"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-03T02:15:33Z",
"severity": "HIGH"
},
"details": "Ashlar-Vellum Cobalt AR File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20408.",
"id": "GHSA-6m45-rhxg-8qpr",
"modified": "2024-05-03T03:30:52Z",
"published": "2024-05-03T03:30:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35715"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-878"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6P5R-G9MQ-GGH2
Vulnerability from github – Published: 2021-08-25 14:42 – Updated: 2024-11-13 20:52Impact
An attacker can cause undefined behavior via binding a reference to null pointer in all operations of type tf.raw_ops.MatrixSetDiagV*:
import tensorflow as tf
tf.raw_ops.MatrixSetDiagV3(
input=[1,2,3],
diagonal=[1,1],
k=[],
align='RIGHT_LEFT')
The implementation has incomplete validation that the value of k is a valid tensor. We have check that this value is either a scalar or a vector, but there is no check for the number of elements. If this is an empty tensor, then code that accesses the first element of the tensor is wrong:
auto& diag_index = context->input(1);
...
lower_diag_index = diag_index.flat<int32>()(0);
Patches
We have patched the issue in GitHub commit ff8894044dfae5568ecbf2ed514c1a37dc394f1b.
The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by members of the Aivul Team from Qihoo 360.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
}
],
"aliases": [
"CVE-2021-37658"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": true,
"github_reviewed_at": "2021-08-24T13:11:42Z",
"nvd_published_at": "2021-08-12T21:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\nAn attacker can cause undefined behavior via binding a reference to null pointer in all operations of type `tf.raw_ops.MatrixSetDiagV*`:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.MatrixSetDiagV3(\n input=[1,2,3],\n diagonal=[1,1],\n k=[],\n align=\u0027RIGHT_LEFT\u0027)\n```\n \nThe [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/linalg/matrix_diag_op.cc) has incomplete validation that the value of `k` is a valid tensor. We have check that this value is either a scalar or a vector, but there is no check for the number of elements. If this is an empty tensor, then code that accesses the first element of the tensor is wrong: \n\n```cc \n auto\u0026 diag_index = context-\u003einput(1);\n ...\n lower_diag_index = diag_index.flat\u003cint32\u003e()(0);\n```\n \n### Patches\nWe have patched the issue in GitHub commit [ff8894044dfae5568ecbf2ed514c1a37dc394f1b](https://github.com/tensorflow/tensorflow/commit/ff8894044dfae5568ecbf2ed514c1a37dc394f1b).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.",
"id": "GHSA-6p5r-g9mq-ggh2",
"modified": "2024-11-13T20:52:53Z",
"published": "2021-08-25T14:42:49Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6p5r-g9mq-ggh2"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37658"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/ff8894044dfae5568ecbf2ed514c1a37dc394f1b"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-571.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-769.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-280.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/tensorflow/tensorflow"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Reference binding to nullptr in `MatrixSetDiagV*` ops"
}
GHSA-6R97-FP62-RH53
Vulnerability from github – Published: 2022-05-24 17:40 – Updated: 2022-05-24 17:40An uninitialized pointer issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).
{
"affected": [],
"aliases": [
"CVE-2021-22639"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-01-27T20:15:00Z",
"severity": "HIGH"
},
"details": "An uninitialized pointer issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).",
"id": "GHSA-6r97-fp62-rh53",
"modified": "2022-05-24T17:40:28Z",
"published": "2022-05-24T17:40:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22639"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-026-01"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-098"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-6RRF-JVV2-V2HC
Vulnerability from github – Published: 2025-08-13 15:30 – Updated: 2025-11-03 21:34A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.
{
"affected": [],
"aliases": [
"CVE-2025-32451"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-13T14:15:31Z",
"severity": "HIGH"
},
"details": "A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.",
"id": "GHSA-6rrf-jvv2-v2hc",
"modified": "2025-11-03T21:34:21Z",
"published": "2025-08-13T15:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32451"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2202"
},
{
"type": "WEB",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2202"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7273-HMFQ-X6VX
Vulnerability from github – Published: 2022-06-03 00:01 – Updated: 2022-06-11 00:00The affected product is vulnerable to an out-of-bounds write via uninitialized pointer, which may allow an attacker to execute arbitrary code.
{
"affected": [],
"aliases": [
"CVE-2022-28690"
],
"database_specific": {
"cwe_ids": [
"CWE-787",
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-02T14:15:00Z",
"severity": "HIGH"
},
"details": "The affected product is vulnerable to an out-of-bounds write via uninitialized pointer, which may allow an attacker to execute arbitrary code.",
"id": "GHSA-7273-hmfq-x6vx",
"modified": "2022-06-11T00:00:24Z",
"published": "2022-06-03T00:01:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28690"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-146-02"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-75XC-FV5M-PPRR
Vulnerability from github – Published: 2026-04-21 15:32 – Updated: 2026-06-30 03:36Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10.
{
"affected": [],
"aliases": [
"CVE-2026-6748"
],
"database_specific": {
"cwe_ids": [
"CWE-457",
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-21T13:16:20Z",
"severity": "CRITICAL"
},
"details": "Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10.",
"id": "GHSA-75xc-fv5m-pprr",
"modified": "2026-06-30T03:36:19Z",
"published": "2026-04-21T15:32:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6748"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19464"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19465"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19466"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19467"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19468"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19469"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19542"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19655"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19704"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-6748"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2022604"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460103"
},
{
"type": "WEB",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6748.json"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-30"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-32"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-33"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-34"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:10757"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:10766"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:10767"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:12285"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:13537"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:15892"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:17477"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:17687"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:17688"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:17689"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:17690"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19041"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19131"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19201"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19348"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19461"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19462"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:19463"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-76W2-8WCP-PFV6
Vulnerability from github – Published: 2022-05-24 17:43 – Updated: 2022-05-24 17:43An uninitialized pointer may be exploited in Fatek FvDesigner Version 1.5.76 and prior while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.
{
"affected": [],
"aliases": [
"CVE-2021-22670"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-03-03T17:15:00Z",
"severity": "HIGH"
},
"details": "An uninitialized pointer may be exploited in Fatek FvDesigner Version 1.5.76 and prior while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.",
"id": "GHSA-76w2-8wcp-pfv6",
"modified": "2022-05-24T17:43:33Z",
"published": "2022-05-24T17:43:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22670"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-056-02"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-777P-GW55-Q56C
Vulnerability from github – Published: 2022-05-02 03:18 – Updated: 2022-05-02 03:18The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.
{
"affected": [],
"aliases": [
"CVE-2009-0846"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2009-04-09T00:30:00Z",
"severity": "HIGH"
},
"details": "The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.",
"id": "GHSA-777p-gw55-q56c",
"modified": "2022-05-02T03:18:41Z",
"published": "2022-05-02T03:18:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0846"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10694"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5483"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6301"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"type": "WEB",
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000059.html"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=124896429301168\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0409.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0410.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/34594"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/34598"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/34617"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/34622"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/34628"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/34630"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/34637"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/34640"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/34734"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/35074"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/35667"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-200904-09.xml"
},
{
"type": "WEB",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT3549"
},
{
"type": "WEB",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm"
},
{
"type": "WEB",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html"
},
{
"type": "WEB",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html"
},
{
"type": "WEB",
"url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-002.txt"
},
{
"type": "WEB",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0058"
},
{
"type": "WEB",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058"
},
{
"type": "WEB",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396120"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/662091"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:098"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0408.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/502527/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/502546/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/504683/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/34409"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1021994"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/usn-755-1"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"type": "WEB",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0008.html"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/0960"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/0976"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/1057"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/1106"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/2084"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/2248"
}
],
"schema_version": "1.4.0",
"severity": []
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.