• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-908

CVE-2021-21190

February 23, 2023 by

Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.

CVE-2021-21218

February 23, 2023 by

Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.

CVE-2021-1619

February 23, 2023 by

A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS.

CVE-2021-1104

February 23, 2023 by

The RISC-V Instruction Set Manual contains a documented ambiguity for the Machine Trap Vector Base Address (MTVEC) register that may lead to a vulnerability due to the initial state of the register not being defined, potentially leading to information disclosure, data tampering and denial of service.

CVE-2021-0938

February 23, 2023 by

In memzero_explicit of compiler-clang.h, there is a possible bypass of defense in depth due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-171418586References: Upstream kernel

CVE-2021-0698

February 23, 2023 by

In PVRSRVBridgeHeapCfgHeapDetails, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-236848165

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 37
  • Go to page 38
  • Go to page 39
  • Go to page 40
  • Go to page 41
  • Interim pages omitted …
  • Go to page 45
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE