9100 matches found
CVE-2021-26328
Failure to verify the mode of CPU execution at the time of SNPINIT may lead to a potential loss of memory integrity for SNP guests...
AMD Secure Processor 安全漏洞
AMD Secure Encrypted Virtualization is a product of AMD Semiconductor, Inc. AMD Secure Encrypted Virtualization is a software application.AMD System Management Unit SMU is a system management unit. AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip. A security vulnerability exists in AM...
CVE-2021-26407
A randomly generated Initialization Vector IV may lead to a collision of IVs with the same key potentially resulting in information disclosure...
CVE-2021-26407
A randomly generated Initialization Vector IV may lead to a collision of IVs with the same key potentially resulting in information disclosure...
CVE-2021-26407
CVE-2021-26407 describes an information-disclosure risk from a collision of randomly generated IVs with the same key. Public references in AMD security bulletins enumerate affected AMD EPYC platforms and related components (ASP, SMU, SEV) and document mitigation steps via firmware/AGESA updates. ...
PT-2023-1488 · Amd · Amd System Management Unit +2
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP affected versions not specified AMD System Management Unit SMU affected versions not specified AMD Secure Encrypted Virtualization SEV affected versions not specified Description: The issue is related to errors in...
AMD Server Vulnerabilities – January 2023
Bulletin ID: AMD-SB-1032 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary During security reviews in collaboration with Google, Microsoft, and Oracle, potential vulnerabilities in the AMD Secure Processor ASP, AMD System Management Un...
Destruction of the SmartAccount implementation
Lines of code Vulnerability details Description If the SmartAccount implementation contract is not initialized, it can be destroyed using the following attack scenario: Initialize the SmartAccount implementation contract using the init function. Execute a transaction that contains a single...
PT-2025-13355
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns data corruption on vram allocated by svm if initialization is not complete and an application is writing to the memory. To resolve this, a sync has been added after...
Contract cannot be initialized due to revert
Lines of code Vulnerability details Impact TokenggAVAX.initialize would revert due to the constructor setting initialized to typeuint8.max = 255 thus making initialized not less than 1. This does not pass the require check in initializer modifier, thus resulting to a revert thereby making...
PT-2025-54100
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a flaw in the block cgroup blk-cgroup subsystem. Specifically, a NULL pointer dereference could occur due to blkg policy data being installed before...
PT-2025-49714
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the handling of request queue quality of service rq qos APIs. Specifically, concurrent access to rq qos without proper synchronization...
Inventory of Non-initialized LTO-9 Tape Fails for HPE MSL2024 and 1/8 G2 Autoloader Tape Libraries
Challenge If Veeam Backup & Replication attempts to load an LTO-9 tape that has not been initialized or has an unknown status in the library, the library will report the error Source Not Ready error SCSI Check Condition 05/4481. Error MTSCSI PASS THROUGH DIRECT ended with Scsi Error Fixed format,...
CVE-2022-40959
During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...
Design/Logic Flaw
If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the ThirdPartyUtil component. This vulnerability affects Firefox 106...
Exploit for Improper Initialization in Linux Linux_Kernel
CVE...
PT-2022-25302 · WordPress · Registration Forms
Name of the Vulnerable Software and Affected Versions: Registration Forms WordPress plugin versions prior to 3.8.1.3 Description: The issue allows unauthenticated attackers to delete arbitrary users, along with their posts, due to a lack of authorisation and CSRF protection when deleting users vi...
An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY which is registered in wm8350_init_charger().
...
An issue was discovered in the Linux kernel through 5.16-rc6. _rtw_init_xmit_priv in drivers/staging/r8188eu/core/rtw_xmit.c lacks check of the return value of rtw_alloc_hwxmits() and will cause the null pointer dereference.
...
PT-2022-27572 · WordPress · Wp Shamsi
Name of the Vulnerable Software and Affected Versions: WP Shamsi plugin for WordPress versions up to, and including, 4.1.0 Description: The WP Shamsi plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the deactivate function hooked via init. This makes...