The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.
The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
EMC RSA Authentication Manager 8.0 before P1 allows local users to discover cleartext operating-system passwords, HTTP plug-in proxy passwords, and SNMP communities by reading a (1) log file or (2). Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.