9097 matches found
The vulnerability of the XSA-365 component in the Linux operating system, related to incorrect data initialization, allows a hacker to trigger a service failure.
The vulnerability of the XSA-365 component in the Linux operating system is related to incorrect data initialization. Exploiting this vulnerability can allow an attacker to cause a service failure...
Initialize can be called multiple times!!!!
Handle pants Vulnerability details Initialize can be called multiple times. Initialize function must be called only by the contract owner and only once for safety. line 74
ALPINE-CVE-2021-41617
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with...
OpenSSH Security Vulnerability
OpenSSH (OpenBSD Secure Shell) is a set of connection tools for secure access to remote computers from the OpenBSD Project Group. The tools are an open source implementation of the SSH protocol that supports encryption of all transmissions, effectively blocking eavesdropping, connection hijacking,...
OpenSSH -- OpenSSH 6.2 through 8.7 failed to correctly initialise supplemental groups when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand
OpenBSD Project reports: sshd(8) from OpenSSH 6.2 through 8.7 failed to correctly initialise supplemental groups when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand, where an AuthorizedKeysCommandUser or AuthorizedPrincipalsCommandUser directive has been set to run the command as ...
Siemens Solid Edge Viewer OBJ File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Samba 3.0.0 <= 3.0.1 Vulnerability (CVE-2004-0082)
mksmbpasswd shell script may create accounts with easily guessable passwords.
CVE-2021-34703
A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to improper initialization of a...
USN-5073-3: Linux kernel (Raspberry Pi) vulnerabilities
Norbert Slusarek discovered that the CAN broadcast manager (bcm) protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-34693) Murray McAllister discovered that the...
The vulnerability of the libxl__domain_suspend_state structure in Xen hypervisors lies in the lack of resource initialization, which allows attackers to trigger a service failure.
The vulnerability of the libxl__domain_suspend_state structure in Xen hypervisors stems from the fact that this structure does not utilize the standard initialization and deallocation mechanism. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the BIOS configuration in the BSSA DFT microprogramming software for Intel Xeon Scalable Processors, Intel Xeon Processors D, Intel Xeon Processors E5 v4, Intel Xeon Processors E5 v3, and Intel Xeon Processors W allows a hacker to gain increased privileges.
The vulnerability of the BIOS configuration designed for testing microprogramming software for Intel Xeon Scalable Processors, Intel Xeon Processors D, Intel Xeon Processors E5 v4, Intel Xeon Processors E5 v3, and Intel Xeon Processors W is related to initialization errors. Exploiting this...
The vulnerability of the Linux operating system’s kernel, related to memory initialization errors, allows a hacker to cause a system failure.
The vulnerability of the Linux operating system’s kernel is related to memory initialization errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
Exploit for CVE-2021-38647
cve-2021-38647 A PoC exploit for CVE-2021-38647 RCE in OMI. E...
Exploit for CVE-2021-38647
OMIGOD Proof of Concept Exploit for CVE-2021-38647 OMIGOD F...
GHSA-Q4H9-46XG-M3X9 UUPSUpgradeable vulnerability in @openzeppelin/contracts-upgradeable
Impact: Upgradeable contracts using UUPSUpgradeable may be vulnerable to an attack affecting uninitialized implementation contracts. We will update this advisory with more information soon. Patches: A fix is included in version 4.3.2 of @openzeppelin/contracts and @openzeppelin/contracts-upgradeabl...
Ulfius Web Framework Remote Memory Corruption Exploit
Ulfius Web Framework suffers from a remote memory corruption vulnerability. When parsing malformed HTTP requests, a heap-related initialization bug is triggered resulting in a crash in the server or potentially remote code execution with privileges of the running process. #!/usr/bin/python3 guul.p...
Ulfius Web Framework Remote Memory Corruption
#!/usr/bin/python3 guul.py: Ulfius Web Framework Remote Memory Corruption Vulnerability. Jeremy Brown, Sept 2021. Intro: Ulfius Web Framework is used by a number of different projects to build web services. Some of the projects tested and confirmed vulnerable are Glewlwyd SSO Server, Taliesin Audio...
Juniper Junos OS DoS (JSA11184)
The version of Junos OS installed on the remote host is affected by a denial of service vulnerability as referenced in the JSA11184 advisory. - Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise PE chipset-based line cards...
Potential DOS in Contracts Inheriting UUPSUpgradeable.sol
Handle leastwood Vulnerability details Impact There are a number of contracts which inherit UUPSUpgradeable.sol, namely; GovernanceAction.sol, PauseRouter.sol and NoteERC20.sol. All these contracts are deployed using a proxy pattern whereby the implementation contract is used by the proxy contrac...
CVE-2021-1857
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processi...