CVE-2017-15897

LOW Year: 2017
CVSS v3 Score
3.1
Low
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-665
View all →

Vulnerability Description

Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encoding for the fill value did not match the encoding specified. For example, 'Buffer.alloc(0x100, "This is not correctly encoded", "hex");' The buffer implementation was updated such that the buffer will be initialized to all zeros in these cases.

Related Vulnerabilities

CVE-2018-0853

LOW
CVSS:3.3(Low)

Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow an information disclosure vulnerability, due to how Office in...

CWE-6652018

CVE-2019-15875

LOW
CVSS:3.3(Low)

In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r354735, and 11.3-RELEASE before 11.3-RELEASE-p6, due to incorrect ...

CWE-6652019

CVE-2019-19126

LOW
CVSS:3.3(Low)

On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing l...

CWE-6652019

CVE-2020-1592

LOW
CVSS:3.3(Low)

<p>An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.</p> <p>To exploit this vulnerability, an authenticated attacker could run a speciall...

CWE-6652020

CVE-2021-36319

LOW
CVSS:3.3(Low)

Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure vulnerability. A low privileged authenticated malicious user can gain access to SNMP authentication failur...

CWE-6652021

CVE-2023-1513

LOW
CVSS:3.3(Low)

A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causi...

CWE-6652023