9099 matches found
CVE-2024-53845
ESPTouch is a connection protocol for internet of things devices. In the ESPTouchV2 protocol, while there is an option to use a custom AES key, there is no option to set the IV Initialization Vector prior to versions 5.3.2, 5.2.4, 5.1.6, and 5.0.8. The IV is set to zero and remains constant...
CVE-2023-26243
An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The decryption binary used to decrypt firmware files has an information leak that allows an attacker to read the AES key and initialization vector from memory. An attacker may exploit this to...
CVE-2023-36490
Improper initialization in some IntelR MAS software before version 2.3 may allow an authenticated user to potentially enable denial of service via local access...
CVE-2023-33060
Transient DOS in Core when DDR memory check is called while DDR is not initialized...
CVE-2023-28439
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special conditions: using one of the affected packages ...
CVE-2023-30954
The Gotham video-application-server service contained a race condition which would cause it to not apply certain acls new videos if the source system had not yet initialized...
CVE-2023-27934
A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution...
CVE-2023-2514
Mattermost Sever fails to redact the DB username and password before emitting an application log during server initialization...
CVE-2023-22356
Improper initialization in some IntelR NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access...
CVE-2023-1660
The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in a function hooked to init, allowing unauthenticated users to update some settings, leading to Stored XSS due to the lack of escaping when outputting them in the admin dashboard...
CVE-2023-21638
Memory corruption in Video while calling APIs with different instance ID than the one received in initialization...
CVE-2023-1047
A vulnerability classified as critical was found in TechPowerUp RealTemp 3.7.0.0. This vulnerability affects unknown code in the library WinRing0x64.sys. The manipulation leads to improper initialization. An attack has to be approached locally. The exploit has been disclosed to the public and may...
CVE-2023-1048
A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM Calculator 1.2.0.5. This issue affects some unknown processing in the library WinRing0x64.sys. The manipulation leads to improper initialization. Local access is required to approach this attack. The explo...
CVE-2023-33115
Memory corruption while processing buffer initialization, when trusted report for certain report types are generated...
CVE-2023-2747
The initialization vector IV used by the secure engine SE for encrypting data stored in the SE flash memory is uninitialized...
CVE-2022-30271
The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts such as /etc/init.d/sshdservice only generate a new key if no private-key file exists. Thus, this hardcoded key is likely to be used by default...
CVE-2022-23408
wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections without AEAD using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c...
CVE-2022-48352
Some smartphones have data initialization issues. Successful exploitation of this vulnerability may cause a system panic...
CVE-2022-46301
Improper Initialization for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access...
CVE-2022-46397
FP.io VPP Vector Packet Processor 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 Generates a Predictable IV with CBC Mode...