Lucene search
K

9097 matches found

BDU FSTEC
BDU FSTEC
added 2022/02/01 12:0 a.m.3 views

The vulnerability of the nf_tables_newset function (net/netfilter/nf_tables_api.c) in Linux operating system kernels, which allows a hacker to cause a service failure

The vulnerability of the nftablesnewset function net/netfilter/nftablesapi.c in Linux operating systems is related to memory initialization errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.6AI score0.00316EPSS
Exploits0References8Affected Software3
OSV
OSV
added 2022/02/01 12:0 a.m.3 views

UBUNTU-CVE-2022-0175

A flaw was found in the VirGL virtual OpenGL renderer virglrenderer. The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading t...

5.5CVSS6AI score0.00311EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2022/01/31 11:55 a.m.28 views

CVE-2022-0175

A flaw was found in the VirGL virtual OpenGL renderer virglrenderer. The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading t...

6.5CVSS1.3AI score0.00311EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiative
added 2022/01/31 12:0 a.m.45 views

Bentley View JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS4.9AI score0.01979EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/01/31 12:0 a.m.52 views

Bentley View TIF File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF...

7.8CVSS6.1AI score0.01878EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/01/31 12:0 a.m.42 views

Bentley MicroStation CONNECT JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.7AI score0.01911EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2014-0144)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS7.6AI score0.02155EPSS
Exploits1References4
Amazon
Amazon
added 2022/01/28 12:0 a.m.4 views

Important: kernel

Issue Overview: A NULL pointer dereference flaw may occur in the Linux kernel's relayopen in kernel/relay.c. if the allocpercpu function is not validated in time of failure and used as a valid address for access. An attacker could use this flaw to cause a denial of service. CVE-2019-19462 A new...

7.8CVSS7AI score0.04505EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-1034)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS6.7AI score0.02904EPSS
Exploits3References2
Microsoft CVE
Microsoft CVE
added 2022/01/21 8:0 a.m.4 views

nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace.

...

5.5CVSS6.5AI score0.00316EPSS
Exploits0
Code423n4
Code423n4
added 2022/01/20 12:0 a.m.9 views

Local variables are not initialized

Handle SolidityScan Vulnerability details Description The contract was found to be using local variables which were not initialized. This may introduce errors in the code if these variables are used anywhere without initialization as the default value for the variable type will be taken. Impact...

7.1AI score
Exploits0
NVD
NVD
added 2022/01/19 1:15 a.m.17 views

CVE-2022-22164

An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit operation for disabling the telnet service to not take effect as expected, resulting in the telnet service staying enabled. When it is not intended to be operating on the device, an administrator can...

6.5CVSS0.00702EPSS
Exploits0References1
Prion
Prion
added 2022/01/19 1:15 a.m.18 views

Input validation

An Improper Initialization vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly enter graceful-restart GR helper mode even though...

4.3CVSS5.7AI score0.00827EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2022/01/19 1:15 a.m.15 views

Input validation

An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit operation for disabling the telnet service to not take effect as expected, resulting in the telnet service staying enabled. When it is not intended to be operating on the device, an administrator can...

5CVSS5.3AI score0.00702EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/01/19 12:21 a.m.76 views

CVE-2022-22169

CVE-2022-22169 affects Juniper Networks Junos OS and Junos OS Evolved. An improper initialization in the routing protocol daemon (rpd) can cause OSPFv3 to enter graceful-restart GR helper mode when a attacker sends crafted packets in specific order/timing, potentially causing a DoS via a stalled ...

5.9CVSS5.7AI score0.00827EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2022/01/19 12:21 a.m.83 views

CVE-2022-22164

The CVE describes an Improper Initialization in Juniper Networks Junos OS Evolved where a commit operation to disable Telnet does not take effect, leaving Telnet enabled. Affected are Junos OS Evolved releases prior to 20.4R2-S2-EVO; 21.1 (21.1R1-EVO) and later; and 21.2 releases prior to 21.2R2-...

6.5CVSS5.6AI score0.00702EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2022/01/18 9:15 p.m.13 views

CVE-2022-23408

wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections without AEAD using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c...

9.1CVSS0.01231EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/01/18 9:15 p.m.26 views

CVE-2022-23408

wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections without AEAD using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c...

9.1CVSS7.2AI score0.01231EPSS
Exploits0References3
OSV
OSV
added 2022/01/18 9:15 p.m.1 views

UBUNTU-CVE-2022-23408

wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections without AEAD using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c...

9.1CVSS5.8AI score0.01231EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/01/18 8:20 p.m.14 views

CVE-2022-23408

wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections without AEAD using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c...

9.4AI score0.01231EPSS
Exploits0References2
Rows per page
Query Builder