CVE-2021-0280

Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise PE chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected beyond the default DDoS Distributed Denial of Service...

CVE-2021-0280

CVE-2021-0280 affects Juniper Junos OS on PTX and QFX10K with Paradise (PE) chipset line cards. Root cause: Improper initialization in the DDoS policer path of the Packet Forwarding Engine, causing ddos-protection CLI changes to not apply beyond default DDoS settings. Impact: BFD session flapping...

Adobe Bridge MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

Default configuration

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access...

CVE-2021-0144

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access...

The vulnerability of the WriteJP2Image function in the ImageMagick program, which is used for reading and editing graphic files, relates to memory initialization errors. This vulnerability allows attackers to gain access to confidential information or cause service interruptions.

The vulnerability of the WriteJP2Image function in the ImageMagick program, which is used for reading and editing graphic files, is related to incorrect initialization. Exploiting this vulnerability allows an attacker to gain access to confidential information or cause service failures...

The vulnerability of the ReadPANGOImage function in the ImageMagick graphics file reading and editing program lies in memory initialization errors. This allows attackers to gain access to confidential information or cause service interruptions.

The vulnerability of the ReadPANGOImage function in the ImageMagick graphics file reading and editing program is related to incorrect initialization. Exploiting this vulnerability allows an attacker to gain access to confidential information or cause service failures...

CVE-2021-21589

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 do not exit on failed Initialization. A local authenticated Service user could potentially exploit this vulnerability to escalate privileges...

CVE-2021-21589

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 do not exit on failed Initialization. A local authenticated Service user could potentially exploit this vulnerability to escalate privileges...

Code injection

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 do not exit on failed Initialization. A local authenticated Service user could potentially exploit this vulnerability to escalate privileges...

DELL Dell EMC Unity和UnityVSA 安全漏洞

DELL Dell EMC Unity and UnityVSA are both products of Dell DELL Corporation, U.S.A. Dell EMC Unity is a unified storage array product.UnityVSA is a set of virtual Unity storage environments. A security vulnerability exists in Dell EMC Unity, Unity XT, and UnityVSA that stems from Dell EMC Unity,...

Variables maxIndex and minIndex in sortVaultsByDelta are uninitialized

Handle shw Vulnerability details Impact The sortVaultsByDelta function of Exposure does not properly initialize the maxIndex and minIndex variables. Consider an edge case where the delta of the three stable coins are all 0. The maxIndex and minIndex variables will be all 0 and vaultIndexes will b...

vapor 代码问题漏洞

vapor is a Swift web development framework for individual developers. It can be used to develop high-performance web applications and supports iOS, OS X and Ubuntu systems. A code issue vulnerability exists in Vapor 4.47.1 and earlier versions, which stems from an error in the...

QSAN XEVO 操作系统命令注入漏洞

QSAN XEVO is a flash data management system from QSAN China. Reduces repetitive tasks and provides complete data analysis. A command injection vulnerability exists in QSAN XEVO that stems from the product's INIT function not filtering special elements of user input data. An attacker could use thi...

Philips Vue PACS (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Philips Equipment: Vue PACS Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Restriction of Operations within the Bounds of a Memory Buffer, Improper Input Validation, Improper...

The vulnerability of the JPXStream::init function in the Poppler PDF rendering library, related to integer overflow of the value being filled, allows a attacker to cause a service failure.

The vulnerability of the JPXStream::init function in the Poppler PDF rendering library is related to the lack of checks for negative stream lengths. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

OpenLDAP <= 2.4.45 Improper Initialization Vulnerability

OpenLDAP is prone to an improper initialization vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

sortVaultsByDelta doesn't work as expected

Handle gpersoon Vulnerability details Impact The function sortVaultsByDelta doesn't always work as expected. Suppose all the delta's are positive, and delta1 = delta2 = delta3 0 Then maxIndex = 0 And delta minDelta ==0 is never true, so minIndex = 0 Then assuming bigFirst==true: vaultIndexes0 =...

UVI-2021-1001012 bonding: init notify_work earlier to avoid uninitialized use

bonding: init notifywork earlier to avoid uninitialized use This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.11 by commit...

GSD-2021-1000939 bonding: init notify_work earlier to avoid uninitialized use

bonding: init notifywork earlier to avoid uninitialized use This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.44 by commit...