CVE-2021-26093

MEDIUM Year: 2021
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-824
View all →

Vulnerability Description

An access of uninitialized pointer (CWE-824) vulnerability in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a local and authenticated attacker to crash the access point being managed by the controller by executing a crafted CLI command.

Related Vulnerabilities

CVE-2018-9948

MEDIUM
CVSS:6.5(Medium)

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that...

CWE-8242018

CVE-2019-11498

MEDIUM
CVSS:6.5(Medium)

WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a den...

CWE-8242019

CVE-2020-11721

MEDIUM
CVSS:6.5(Medium)

load_png in loader.c in libsixel.a in libsixel 1.8.6 has an uninitialized pointer leading to an invalid call to free, which can cause a denial of service.

CWE-8242020

CVE-2020-6093

MEDIUM
CVSS:6.5(Medium)

An exploitable information disclosure vulnerability exists in the way Nitro Pro 13.9.1.155 does XML error handling. A specially crafted PDF document can cause uninitialized memory access resulting in ...

CWE-8242020

CVE-2021-0209

MEDIUM
CVSS:6.5(Medium)

In Juniper Networks Junos OS Evolved an attacker sending certain valid BGP update packets may cause Junos OS Evolved to access an uninitialized pointer causing RPD to core leading to a Denial of Servi...

CWE-8242021

CVE-2021-34596

MEDIUM
CVSS:6.5(Medium)

A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition.

CWE-8242021