9097 matches found
The vulnerability of the nf_tables_newset function (net/netfilter/nf_tables_api.c) in Linux operating system kernels, which allows a hacker to cause a service failure
The vulnerability of the nftablesnewset function net/netfilter/nftablesapi.c in Linux operating systems is related to memory initialization errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
UBUNTU-CVE-2022-0175
A flaw was found in the VirGL virtual OpenGL renderer virglrenderer. The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading t...
CVE-2022-0175
A flaw was found in the VirGL virtual OpenGL renderer virglrenderer. The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading t...
Bentley View JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...
Bentley View TIF File Parsing Uninitialized Variable Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF...
Bentley MicroStation CONNECT JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Mageia: Security Advisory (MGASA-2014-0144)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: kernel
Issue Overview: A NULL pointer dereference flaw may occur in the Linux kernel's relayopen in kernel/relay.c. if the allocpercpu function is not validated in time of failure and used as a valid address for access. An attacker could use this flaw to cause a denial of service. CVE-2019-19462 A new...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-1034)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace.
...
Local variables are not initialized
Handle SolidityScan Vulnerability details Description The contract was found to be using local variables which were not initialized. This may introduce errors in the code if these variables are used anywhere without initialization as the default value for the variable type will be taken. Impact...
CVE-2022-22164
An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit operation for disabling the telnet service to not take effect as expected, resulting in the telnet service staying enabled. When it is not intended to be operating on the device, an administrator can...
Input validation
An Improper Initialization vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly enter graceful-restart GR helper mode even though...
Input validation
An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit operation for disabling the telnet service to not take effect as expected, resulting in the telnet service staying enabled. When it is not intended to be operating on the device, an administrator can...
CVE-2022-22169
CVE-2022-22169 affects Juniper Networks Junos OS and Junos OS Evolved. An improper initialization in the routing protocol daemon (rpd) can cause OSPFv3 to enter graceful-restart GR helper mode when a attacker sends crafted packets in specific order/timing, potentially causing a DoS via a stalled ...
CVE-2022-22164
The CVE describes an Improper Initialization in Juniper Networks Junos OS Evolved where a commit operation to disable Telnet does not take effect, leaving Telnet enabled. Affected are Junos OS Evolved releases prior to 20.4R2-S2-EVO; 21.1 (21.1R1-EVO) and later; and 21.2 releases prior to 21.2R2-...
CVE-2022-23408
wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections without AEAD using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c...
CVE-2022-23408
wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections without AEAD using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c...
UBUNTU-CVE-2022-23408
wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections without AEAD using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c...
CVE-2022-23408
wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections without AEAD using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c...