Vulnerabilities (CVE)

Filtered by CWE-909
Total 85 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-4078 4 Debian, Linux, Opensuse and 1 more 7 Debian Linux, Linux Kernel, Opensuse and 4 more 2024-02-28 1.9 LOW N/A
The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call.
CVE-2011-1044 2 Linux, Redhat 6 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux Eus and 3 more 2024-02-28 2.1 LOW N/A
The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649.
CVE-2010-4082 3 Linux, Opensuse, Suse 5 Linux Kernel, Opensuse, Linux Enterprise Desktop and 2 more 2024-02-28 1.9 LOW N/A
The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a VIAFB_GET_INFO ioctl call.
CVE-2009-3228 3 Canonical, Linux, Redhat 6 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 3 more 2024-02-28 2.1 LOW N/A
The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors.
CVE-2005-1036 2 Amd, Freebsd 2 Amd64, Freebsd 2024-02-28 7.2 HIGH 7.8 HIGH
FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges.