PT-2022-36195 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.79 Description: The issue concerns an error handling path in the mctp init function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

PT-2022-35731 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.264 Description: The issue is related to a null pointer access in the cake init function. This problem was introduced in version v4.19 and is fixed in version v4.19.264. The actual impact and attack...

State varaible marketplace has never been initialized in LooksRareProxy.sol

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. State varaible marketplace has never been initialized in LooksRareProxy.sol. Although it has been initialized in the constructor, it won't count since functions such as execute will only be called via...

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from Google, Inc. A buffer overflow vulnerability exists in Google Android, which is caused by an out-of-bounds write in ProtocolStkProactiveCommandAdapter::Init's An out-of-bounds write due to a boundary check error exists in...

DEBIAN-CVE-2021-42381

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hashinit function...

CVE-2021-32531

OS command injection vulnerability in Init function in QSAN XEVO allows remote attackers to execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...

Command injection

OS command injection vulnerability in Init function in QSAN XEVO allows remote attackers to execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...

CVE-2021-32531

The CVE-2021-32531 vulnerability affects QSAN XEVO (flash data management system). It stems from an input handling flaw in the Init function that allows OS command injection, enabling remote attackers to execute arbitrary commands without privileges. Impact is high (CVE-2021-32531, CVSS v3.1: 9.8...

CVE-2021-32531 QSAN XEVO - Command Injection Following via Init function

OS command injection vulnerability in Init function in QSAN XEVO allows remote attackers to execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...

Initialization can be front-run in USDV.sol

Handle 0xRajeev Vulnerability details Impact Given the public access, this is susceptible to front-running by an attacker who can initialize this with arbitrary assets before the deployer. Reinitialization will require contract redeployment because initialization can be done only once. Reference:...

AZL-6773 CVE-2020-26571 affecting package opensc for versions less than 0.22.0-1

The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in scpkcs15emugemsafeGPKinit...

UBUNTU-CVE-2020-26571

The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in scpkcs15emugemsafeGPKinit...

CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

SQL injection vulnerability in the init function of iCMS latest version V7admincp.class.php page

iCMS is a free, clean, efficient, and useful PHP content management system. The latest version of iCMS V7admincp.class.php page init function has a SQL injection vulnerability that can be exploited by attackers to bypass the backend and directly log into the system to obtain sensitive information...

RarCrack 0.2 - "filename" init() .bss PoC

No description provided by source. The software can be downloaded here: http://rarcrack.sourceforge.net/ Author: stoke Date: 2010-09-20 Download: http://rarcrack.sourceforge.net/ Tested on: Backtrack 4 Site: http://devilcode.it | http://hack2web.altervista.org Special greetz to: nex, for reassure...

DEBIAN-CVE-2011-3952

The decodeinit function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a large palette size...