libquartz: XXE attacks via job description

The Terracotta Quartz Scheduler is susceptible to an XML external entity attack XXE through a job description. This issue stems from inadequate handling of XML external entity XXE declarations in the initDocumentParser function within xml/XMLSchedulingDataProcessor.java. By enticing a victim to...

Unspecified Vulnerability in Mozilla Firefox for Android (CNVD-2021-00394)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Android Firefox that stems from a lack of service initialization and OneCRL being non-functional in the new Android Firefox. This may result in the inability to enfor...

OPENSUSE-SU-2020:2236-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME bsc1179491. - Initialized dh-nid to NIDundef in DHnewmethod bsc1177673. - Fixed a test failure in apachessl in fips mode bsc1177793. - Renamed BNgetrfc3526prime functions back...

SUSE-SU-2020:3762-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME bsc1179491. - Initialized dh-nid to NIDundef in DHnewmethod bsc1177673. - Fixed a test failure in apachessl in fips mode bsc1177793. - Renamed BNgetrfc3526prime functions back...

The vulnerability of the PDFium browser’s PDF-content processor in Google Chrome allows a hacker to gain unauthorized access to protected information.

The vulnerability of the PDFium browser’s PDF-content processor in Google Chrome relates to an improper initialization of resources. Exploiting this vulnerability could allow attackers to gain unauthorized access to protected information...

PYSEC-2020-254

In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen...

PYSEC-2020-297

In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen...

CVE-2020-26957

OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations. Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox...

CVE-2020-27950

A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS...

CVE-2020-27950

A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS...

CVE-2020-27950

A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS...

CVE-2020-27950

CVE-2020-27950 is a memory initialization issue in Apple’s XNU kernel that could allow a malicious app to disclose kernel memory. The CVE is fixed in multiple Apple updates: macOS Big Sur 11.0.1, iOS 14.2/iPadOS 14.2, watchOS 7.1, watchOS 6.2.9, and Security Updates for macOS Catalina 10.15.7 (Su...

CVE-2020-27950

A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS...

CVE-2020-27950

A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS...

Exploit for Improper Initialization in Docker

sectoolset -- Github安全相关工具集合 主要内容： 0x00 漏洞利用实战练习&CTF安全竞赛 0x01 安全扫描器 0x02 安全防守 0x03 渗透测试 0x04 漏洞库及利用工具（POC，EXP 0x05 二进制及代码分析工具 0x06 威胁情报&蜜罐 0x07 安全文档资料 0x11 所有内容 乌云镜像 乌云镜像 乌云镜像,河蟹 近期安全热点 Nmap 7.9发布，更新Npcap，大量指纹更新 Windows Server域控 Netlogon特权提升漏洞 CVE-2020-1472 暗网中网络安全行业暴露状况研究 五眼联盟国家网络安全技术指导书...

Insecure Service Initialization

firefox does not perform secure service initialization. OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations. Note: This issue only affected Firefox for Android. Other operating...

The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized.

...

The vulnerability of the DCH-compatible Thunderbolt driver, related to incorrect resource initialization, allows a hacker to disclose protected information.

The vulnerability of the DCH-compatible Thunderbolt driver is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of the DCH-compatible Thunderbolt driver is related to the initialization of a defaultly insecure variable, which allows an attacker to disclose protected information.

The vulnerability of the DCH-compatible Thunderbolt driver is related to the initialization of a defaultly insecure variable. Exploiting this vulnerability could allow an attacker to disclose protected information...

The vulnerability in the built-in software of the Intel NUC Kit relates to incorrect resource initialization, allowing attackers to exploit their privileges.

The vulnerability of the built-in software in the Intel NUC Kit is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to gain increased privileges...