wolfSSL 安全特征问题漏洞

Wolfssl CyaSSL is a small, portable embedded SSL programming library for use by embedded system developers from Wolfssl USA. wolfSSL has a security vulnerability that stems from the use of non-random IV values for x prior to 5.1.1 under certain circumstances. This affects AES-CBC or DES3...

PT-2022-13011 · Unknown +4 · Virglrenderer +4

Name of the Vulnerable Software and Affected Versions: virglrenderer affected versions not specified Description: A flaw was found in the VirGL virtual OpenGL renderer. The issue arises from improper memory initialization when allocating a host-backed memory resource. A malicious guest could...

Security update for virglrenderer (important)

openSUSE Security Update: Security update for virglrenderer Announcement ID: openSUSE-SU-2022:0111-1 Rating: important References: 1194601 Cross-References: CVE-2022-0175 CVSS scores: CVE-2022-0175 SUSE: 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: openSUSE Leap 15.3 An...

Security Bulletin: Crypto Hardware Initialization and Maintenance is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105, CVE-2021-45046)

Summary Crypto Hardware Initialization and Maintenance CHIM 3.0.0 as shipped with CCA 7.2.55 for MTM 4769 is affected by several vulnerabilities in Apache Log4j CVE-2021-45105 and CVE-2021-45046. CHIM is using Apache Log4j for internal logging purposes of regular user activity. The fix includes...

Raven - Advanced Cyber Threat Map (Simplified, Customizable, Responsive)

Raven - Advanced Cyber Threat Map Simplified, customizable and responsive. It uses D3.js with TOPO JSON, has 247 countries, 100,000 cities, and can be used in an isolated environment without external lookups!. Live - Demo https://qeeqbox.github.io/raven/ Offline - Demo Features Uses D3.js Not...

Mitsubishi Electric MELSEC-F Series

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC-F Series Vulnerability: Improper Initialization 2. RISK EVALUATION Successful exploitation of this vulnerability may cause a denial-of-service condition in the...

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS that arises from an incorrect initialization,...

Juniper Junos OS Vulnerability (JSA11272)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11272 advisory. - An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit operation for disabling the telnet service to not take effect as expected,...

CVE-2021-46283

nftablesnewset in net/netfilter/nftablesapi.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service NULL pointer dereference and general protection fault because of the missing initialization for nftsetelemexpralloc. A local user can set a netfilter table expression i...

DEBIAN-CVE-2021-46283

nftablesnewset in net/netfilter/nftablesapi.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service NULL pointer dereference and general protection fault because of the missing initialization for nftsetelemexpralloc. A local user can set a netfilter table expression i...

UBUNTU-CVE-2021-46283

nftablesnewset in net/netfilter/nftablesapi.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service NULL pointer dereference and general protection fault because of the missing initialization for nftsetelemexpralloc. A local user can set a netfilter table expression i...

CVE-2021-46283

nftablesnewset in net/netfilter/nftablesapi.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service NULL pointer dereference and general protection fault because of the missing initialization for nftsetelemexpralloc. A local user can set a netfilter table expression i...

GSD-2022-1000037 Input: appletouch - initialize work before device registration

Input: appletouch - initialize work before device registration This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.90 by commit...

GSD-2022-1000025 Input: appletouch - initialize work before device registration

Input: appletouch - initialize work before device registration This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.224 by commit...

CVE-2022-22815

pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path...

DEBIAN-CVE-2022-22815

pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path...

ALPINE-CVE-2022-22816

pathgetbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path...

PYSEC-2022-9

pathgetbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path...

CVE-2022-22816

pathgetbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path...

CVE-2022-22815

pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path...