CVE-2023-46232 era-compiler-vyper First Immutable Variable Initialization vulnerability
era-compiler-vyper is the EraVM Vyper compiler for zkSync Era, a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to era-compiler-vyper version 1.3.10, a bug prevented the initialization of the first immutable variable for Vyper contracts meeting certain criteria. The proble...
AZL-78558 CVE-2023-5363 affecting package openssl-fips-provider 3.1.2-1
Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...
VMware Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure
VMware Aria Operations for Networks (vRealize Network Insight) versions 6.0.0 through 6.10.0 do not randomize the SSH keys on virtual machine initialization. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "support" root user. Module Options msf...
USN-6450-1 openssl vulnerabilities
Tony Battersby discovered that OpenSSL incorrectly handled key and initialization vector (IV) lengths. This could lead to truncation issues and result in loss of confidentiality for some symmetric cipher modes. (CVE-2023-5363) Juerg Wullschleger discovered that OpenSSL incorrectly handled the AES-SIV...
CVE-2023-5363 Incorrect cipher key & IV length processing
Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...
Missing Cryptographic Step
Overview: openssl is a package that wraps the OpenSSL library. Affected versions of this package are vulnerable to Missing Cryptographic Step when the EVP_EncryptInit_ex2, EVP_DecryptInit_ex2 or EVP_CipherInit_ex2 functions are used. An attacker can cause truncation or overreading of key and...
UBUNTU-CVE-2023-5363
Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...
Important: kernel-livepatch-6.1.25-37.47
Issue Overview: A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of...
CVE-2022-24401
Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner. An active adversary can manipulate the view of...
Exploit for Improper Initialization in Linux Linux_Kernel
Dirty Pipe Exploit: CVE-2022-0847 The Dirty Pipe vulnerability...
The vulnerability of the microprogramming software in real-time video viewing devices from Fujitsu’s IP series lies in the use of strictly encrypted login credentials. This allows a perpetrator to initialize or restart the device, as well as stop the transmission of videos.
The vulnerability of microprogrammed software in real-time video viewing devices from Fujitsu’s IP series is related to the use of strictly encrypted login credentials. Exploiting this vulnerability allows a remote attacker to initialize or restart the device, as well as stop the video transmissi...
SUSE-SU-2023:4058-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-39192: Fixed an out of bounds read in the netfilter bsc1215858. - CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem bsc1215860. -...
SoftEther VPN CiRpcAccepted() authentication bypass vulnerability
Talos Vulnerability Report TALOS-2023-1754 SoftEther VPN CiRpcAccepted authentication bypass vulnerability October 12, 2023 CVE Number CVE-2023-27516 SUMMARY An authentication bypass vulnerability exists in the CiRpcAccepted functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially...
Adobe Photoshop PSD File Parsing Uninitialized Variable Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD...
LSN-0098-1 Kernel Live Patch Security Notice
It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3090) It...
cloud-init bug fix update
An update is available for cloud-init. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The cloud-init packages provide a set of init scripts for cloud instances...
LiquidityMining.initTickTracking() called by MarketSequencer.initCurve() Check if the liquidity curve for the pool is already initialized.
Lines of code Vulnerability details MarketSequencer.initCurve can call LiquidityMining.initTickTracking any number of times, because there is no restriction for reinitialization. As stated in the comment section, putting the caller in charge of not reinitializing can lead to an unintentional...
Lack of tick range validation allows initialization of invalid ticks.
Lines of code Vulnerability details Impact Function initTickTracking initializes the tick tracking data structure, but does not validate that tick is within the min/max tick range for the pool. This could allow initializing invalid tick values. Proof of Concept Here is the line in initTickTrackin...
Existing pools will be bricked due to uninitialized state
Lines of code Vulnerability details Existing pools will be bricked due to uninitialized Summary Pools already present in the exchange will be bricked when crossTicks is called with an uninitialized tickTracking storage, which will trigger an array out of bounds error. Impact New pools in the...
tough-cookie: prototype pollution in cookie memstore
A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...