Main entries ~3682 :
Date Id Summary Products Score Patch Annotated
2013-04-22 CVE-2013-3231 The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Linux_kernel N/A
2013-04-22 CVE-2013-3230 The l2tp_ip6_recvmsg function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.9-rc7 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Linux_kernel N/A
2013-04-22 CVE-2013-3229 The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Linux_kernel N/A
2013-04-22 CVE-2013-3228 The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Linux_kernel N/A
2013-04-22 CVE-2013-3227 The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Linux_kernel N/A
2013-04-22 CVE-2013-3226 The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Linux_kernel N/A
2013-04-22 CVE-2013-3225 The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Linux_kernel N/A
Remaining NVD entries (unprocessed / no code available): ~268105 :
Date Id Summary Products Score Patch
2024-11-29 CVE-2024-35366 FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds checking. N/A N/A
2024-11-29 CVE-2024-35367 FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dsp_altivec.c, static const vec_s8 h_subpel_filters_outer N/A N/A
2024-11-29 CVE-2024-35368 FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c. N/A N/A
2024-11-29 CVE-2024-35371 Ant-Media-Serverv2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be included in log entries without restrictions. N/A N/A
2024-11-29 CVE-2024-36610 A deserialization vulnerability exists in the Stub class of the VarDumper module in Symfony v7.0.3. The vulnerability stems from deficiencies in the original implementation when handling properties with null or uninitialized values. An attacker could construct specific serialized data and use this vulnerability to execute unauthorized code. N/A N/A
2024-11-29 CVE-2024-36612 Zulip from 8.0 to 8.3 contains a memory leak vulnerability in the handling of popovers. N/A N/A
2024-11-29 CVE-2024-53504 A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the notebook parameter in /searchHistory. N/A N/A