Corel Parallels Desktop 缓冲区错误漏洞

Parallels Desktop is a virtual machine software that runs on Mac computers. A security vulnerability exists in the Toolgate component in Parallels Desktop version 15.1.5-47309. The vulnerability stems from failure to properly initialize memory before accessing it. A local attacker could exploit t...

Corel Parallels Desktop 缓冲区错误漏洞

Parallels Desktop is a virtual machine software that runs on Mac computers. A security vulnerability exists in the Toolgate component in Parallels Desktop version 15.1.4-47270. The vulnerability stems from failure to properly initialize memory before accessing it. A local attacker could exploit t...

Eclipse OpenJ9 安全漏洞

Eclipse OpenJ9 is a Java application engine from the Eclipse Foundation. The product is primarily used to run Java applications. A security vulnerability exists in Eclipse Openj9 version 0.25, which stems from the fact that the jdk.internal.reflect.ConstantPool API causes the JVM to pre-parse...

Parallels Desktop Toolgate Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within t...

Citrix WEM Agent Host Service Initialization failed - event id 0

Wem Agent fails to start - in the event log we see the error: Event id 0 - Agent host Service Initialization Failed...

Fields stuck after initialization

Handle adelamo Vulnerability details Impact If I am right, the impact could be middle or high. Proof of Concept Here you have a gist: Tools Used Vscode Recommended Mitigation Steps In order to fix the issue, we need to fetch the data from the loan wherever we need it in DebtLocker --- The text wa...

SUSE: Security Advisory (SUSE-SU-2019:0060-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the initialization procedure for Cisco IOS XE microprogrammed software on Cisco 1100 Series routers allows a hacker to execute arbitrary code.

The vulnerability of the initialization procedure for Cisco IOS XE microprogrammed software on Cisco 1100 Series routers exists because measures to neutralize special elements used in the operating system commands have not been taken. Exploiting this vulnerability can allow an attacker to execute...

Microsoft Azure Sphere mqueue inode initialization kernel code execution vulnerability

Summary A code execution vulnerability exists in the mqueue inode initialization functionality of Microsoft Azure Sphere 21.01. A specially crafted set of syscalls can lead to uninitialized kernel read, which in turn leads to code execution in kernel. To trigger this vulnerability, an attacker ca...

Huawei EulerOS: Security Advisory for tpm2-tss (EulerOS-SA-2021-1752)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2013-1054

The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 by shipping an empty package, thus...

UBUNTU-CVE-2013-1054

The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 by shipping an empty package, thus...

CVE-2013-1054 Possible remote DOS in WebApps

The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 by shipping an empty package, thus...

Information disclosure

Trustzone initialization code will disable xPUs when memory dumps are enabled and lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired...

Clam AntiVirus 缓冲区错误漏洞

Clam AntiVirus ClamAV is an anti-virus package for use on UNIX-like systems. Mainly used in mail servers, using multi-threaded background operation, you can automatically upgrade the virus database. A denial of service vulnerability exists in Clam AntiVirus versions 0.103.0 and 0.103.1. The...

CVE-2021-28688

The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in...

CVE-2021-28688

The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in...

Design/Logic Flaw

The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in...

CVE-2021-28688

The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in...

CVE-2021-28688

The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in...