Input validation
Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware...
CVE-2023-27887
Improper initialization in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable information disclosure via local access...
Intel(R) NUC BIOS firmware security vulnerability
The Intel NUC is a small minicomputer from Intel Corporation USA. A security vulnerability exists in the Intel(R) NUC BIOS firmware that originates from improper initialization. An attacker can exploit the vulnerability to obtain sensitive information...
Intel BIOS firmware security vulnerability
Intel BIOS firmware is a set of programs from the U.S.-based Intel Corporation that are burned into a ROM chip on the motherboard inside a computer. A security vulnerability exists in the Intel(R) Processors BIOS firmware that originates from improper initialization. An attacker could exploit t...
Intel NUC Security Vulnerability
The Intel NUC is a small minicomputer from Intel Corporation USA. A security vulnerability exists in the Intel(R) NUCs BIOS firmware that originates from improper initialization. An attacker can exploit the vulnerability to obtain sensitive information...
_scheduleUpdate() should be called during initializing the SecurityCouncilManager
Lines of code Vulnerability details Impact Updates will not be scheduled through timelocks and target upgrade executors by the scheduleUpdate call. Initial set of cohort members will not be scheduled. Proof of Concept In SecurityCouncilManager whenever a new member is added, or removed or swapped...
SAMSUNG Mobile devices buffer error vulnerability
SAMSUNG Mobile devices are a range of mobile devices, including cell phones, tablets, etc., from South Korea's Samsung. A security vulnerability exists in SAMSUNG Mobile devices SMR Aug-2023 Release 1 version, which stems from an incorrect input validation vulnerability in the...
add_gauge doesn't initialize time_weight and update time_sum
Lines of code Vulnerability details Impact In Curve's implementation, when adding gauge, time_weight of gauge type is being initialized and time_sum being updated. if self.timesumgaugetype == 0: self.timesumgaugetype = nexttime self.timeweightaddr = nexttime Since time_sum has been set in constructo...
PT-2023-18452 · Intel · Intel Nuc Bios Firmware
Name of the Vulnerable Software and Affected Versions: Intel(R) NUC BIOS firmware affected versions not specified Description: The issue is related to improper initialization in the Intel(R) NUC BIOS firmware, which may allow a privileged user to potentially enable information disclosure via local...
Invalid startDate check in SecurityCouncilNomineeElectionGovernorTiming contract
Lines of code Vulnerability details Summary The SecurityCouncilNomineeElectionGovernorTiming contract has an invalid startDate check in the SecurityCouncilNomineeElectionGovernorTiminginit function. The check ensures that the startDate is in the future, but it does not check that the startDate is...
SUSE SLES15 Security Update : libqt5-qtsvg (SUSE-SU-2023:3209-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3209-1 advisory. - Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps::growAppend called from...
UBUNTU-CVE-2023-4194
A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits -...
SUSE-SU-2023:3209-1 Security update for libqt5-qtsvg
This update for libqt5-qtsvg fixes the following issues: - CVE-2021-45930: Fixed an out-of-bounds write that may have led to a denial-of-service (bsc#1196654). - CVE-2023-32573: Fixed missing initialization of QtSvg QSvgFont m_unitsPerEm variable (bsc#1211298)...
SUSE CVE-2023-4132
A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition...
PT-2023-35932 · Git +1 · Clamav
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. The crash occurs in the following functions: initialize encryption key, cli ole2 extract, and...
The vulnerability of the Portmapper service in B&R Automation Runtime software for process control and management systems, related to initialization errors, allows a malicious actor to trigger a service failure.
The vulnerability of the Portmapper service in B&R Automation Runtime software for process control and management involves initialization errors. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending SYN requests...
CVE-2023-4132
A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition...
DEBIAN-CVE-2023-4132
A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition...
AZL-27852 CVE-2023-4132 affecting package kernel for versions less than 5.15.126.1-1
A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition...