kernel: double free in bluetooth subsystem when the HCI device initialization fails

A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system...

Hitachi Energy Relion 670/650/SAM600-IO

1. EXECUTIVE SUMMARY CVSS v3 8.1 Vendor: Hitachi Energy Equipment: Relion 670/650/SAM600-IO Vulnerability: Insecure Default Initialization of Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could hijack existing TCP sessions to inject packets of their choosing or cause...

The vulnerability of the QEMU hardware emulation API, related to writing beyond the buffer boundaries, allows a hacker to trigger a service failure.

The vulnerability of the QEMU hardware emulation API is related to an initialization error in the memory region cache. Exploiting this vulnerability can allow an attacker to cause a system failure...

Fuji Electric Tellus Lite V-Simulator V8 File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

NewStart CGSL MAIN 6.02 : grub2 Multiple Vulnerabilities (NS-SA-2021-0133)

The remote NewStart CGSL host, running version MAIN 6.02, has grub2 packages installed that are affected by multiple vulnerabilities: - A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an...

CVE-2021-34855

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.1.3 49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

CVE-2021-34855

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.1.3 49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

Design/Logic Flaw

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.1.3 49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

CVE-2021-34855

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.1.3 49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

DOS By Front Running DelegatedStaking initialize

Handle elprofesor Vulnerability details Impact DelegatedStaking utilizes the ERC1967 upgradeable proxy standard. This relies on an implementation contract being deployed and then reused or consumed by a proxy contract. As proxy contracts are unable to leverage a constructor they typically use an...

Updated libslirp packages fix security vulnerability

Invalid pointer initialization issues were found in the SLiRP networking implementation of QEMU. In the bootpinput function while processing a udp packet that is smaller than the size of the 'bootpt' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory fr...

GSD-2021-1001708 KVM: x86: Handle SRCU initialization failure during page track init

KVM: x86: Handle SRCU initialization failure during page track init This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.10 by commit...

GSD-2021-1001635 KVM: x86: Handle SRCU initialization failure during page track init

KVM: x86: Handle SRCU initialization failure during page track init This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.71 by commit...

UVI-2021-1001635 KVM: x86: Handle SRCU initialization failure during page track init

KVM: x86: Handle SRCU initialization failure during page track init This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.71 by commit...

Exploit for Improper Initialization in Docker

sectoolset -- Github安全相关工具集合 主要内容： 0x00 漏洞利用实战练习&CTF安全竞赛 0x01 安全扫描器 0x02 安全防守 0x03 渗透测试 0x04 漏洞库及利用工具（POC，EXP 0x05 二进制及代码分析工具 0x06 威胁情报&蜜罐 0x07 安全文档资料 0x11 所有内容 乌云镜像 乌云镜像 乌云镜像,河蟹 近期安全热点 Microsoft 365 Defender研究团队和威胁情报中心（MSTIC）的SolarWinds攻击分析文章 OpenSSL 拒绝式攻击严重漏洞CVE-2020-1971 安全论文：《Measuring and...

Foxit PDF Reader Annotation Use of Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Vulnerability of operating systems macOS, watchOS, iOS, and iPadOS, related to initialization errors, allowing attackers to disclose sensitive information

The vulnerabilities of operating systems macOS, watchOS, iOS, and iPadOS are related to initialization errors. Exploiting these vulnerabilities can allow attackers to disclose sensitive information that is protected by security measures...

The vulnerability of the hci_dev_do_open() function in the Linux kernel’s device initialization subsystem, related to the repeated memory release, allows a attacker to trigger a service failure.

The vulnerability of the hcidevdoopen function in the Linux kernel’s device initialization subsystem is related to the repeated release of memory. Exploiting this vulnerability allows an attacker to cause a service failure using the malicious HCI TTY Bluetooth device...

The vulnerability of the XSA-365 component in the Linux operating system, related to incorrect data initialization, allows a hacker to trigger a service failure.

The vulnerability of the XSA-365 component in the Linux operating system is related to incorrect data initialization. Exploiting this vulnerability can allow an attacker to cause a service failure...

Initialize can be called multiple times!!!!

Handle pants Vulnerability details Initialize can be called multiple times. Initialize function must be called only by the contract owner and only once for safety. line 74 --- The text was updated successfully, but these errors were encountered: All reactions...