9106 matches found
CVE-2022-34153
Improper initialization in the IntelR Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access...
Input validation
Improper initialization in the IntelR Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access...
Input validation
Improper initialization in the IntelR TXT SINIT ACM for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access...
CVE-2022-30704
The CVE-2022-30704 issue relates to improper initialization in the Intel TXT SINIT ACM for certain Intel processors. The underlying effect is a potential privilege escalation via local access by a privileged user. Documents specify the affected component as the Intel TXT SINIT ACM within BIOS/fir...
SUSE-SU-2023:0435-1 Security update for java-17-openjdk
This update for java-17-openjdk fixes the following issues: Updated to version jdk-17.0.6.0+10: - CVE-2023-21835: Fixed handshake DoS attack against DTLS connections bsc1207246. - CVE-2023-21843: Fixed soundbank URL remote loading bsc1207248. Bugfixes: - Avoid calling CGetInfo too early, before...
SUSE CVE-2022-46397
FP.io VPP Vector Packet Processor 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 Generates a Predictable IV with CBC Mode...
Intel Processors 安全漏洞
Intel Processors are U.S.-based Intel Corporation's offerings for interpreting computer instructions and processing data in computer software. A security vulnerability exists in the IntelR Processors BIOS firmware that originates from an incorrect initialization in the firmware and could allow a...
PT-2023-13017 · Intel · Intel Txt Sinit Acm
Name of the Vulnerable Software and Affected Versions: IntelR TXT SINIT ACM for some IntelR Processors affected versions not specified Description: The issue is related to improper initialization in the IntelR TXT SINIT ACM for some IntelR Processors. This may allow a privileged user to potential...
Intel Processors 安全漏洞
Intel Processors are U.S.-based companies of Intel Corporation that provide for the interpretation of computer instructions and the processing of data in computer software. A security vulnerability exists in Intel Processors that originates from an incorrect initialization in the IntelR TXT SINIT...
SUSE CVE-2004-1392
PHP 4.0 with cURL functions allows remote attackers to bypass the openbasedir setting and read arbitrary files via a file: URL argument to the curlinit function...
SUSE CVE-2006-4514
Heap-based buffer overflow in the oleinforeadmetabat function in Gnome Structured File library libgsf 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large nummetabat value in an OLE document, which causes the oleinitinfo function to...
SUSE CVE-2006-5749
The isdnpppccpresetallocstate function in drivers/isdn/isdnppp.c in the Linux 2.4 kernel before 2.4.34-rc4 does not call the inittimer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash...
SUSE CVE-2006-5754
The aiosetupring function in Linux kernel does not properly initialize a variable, which allows local users to cause a denial of service crash via an unspecified error path that causes an incorrect free operation...
SUSE CVE-2007-2525
Memory leak in the PPP over Ethernet PPPoE socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service memory consumption by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized...
SUSE CVE-2007-2727
The mcryptcreateiv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls phprandr with an uninitialized seed variable and therefore always generates the same initialization vector IV, which might allow context-dependent attackers to decrypt...
SUSE CVE-2007-3528
The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...
SUSE CVE-2007-3806
The glob function in PHP 5.2.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter, probably related to memory corruption or an invalid read on win32 platforms, and possibly related to lack of initializati...
SUSE CVE-2007-5471
libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in SUSE Linux Enterprise Server 10 SP 1, terminates upon an initialization error, which allows remote attackers to cause a denial of service daemon exit via a GSS-TSIG request. NOTE: this issue probably affects other daemons that...
SUSE CVE-2008-5624
PHP 5 before 5.2.7 does not properly initialize the pageuid and pagegid global variables for use by the SAPI phpgetuid function, which allows context-dependent attackers to bypass safemode restrictions via variable settings that are intended to be restricted to root, as demonstrated by a setting ...
SUSE CVE-2009-0360
Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid...