Updated qt4/qtsvg5 packages fix security vulnerability

Out-of-bounds write in QtPrivate::QCommonArrayOps::growAppend CVE-2021-45930 QtSvg QSvgFont munitsPerEm initialization is mishandled. CVE-2023-32573...

Ubuntu: Security Advisory (USN-6231-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2025-54155

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the /dev/vtpmx creation process within the tpm vtpm proxy driver. The /dev/vtpmx device becomes visible before the workqueue is initialized, potentially leadin...

initialize function can be front run

Lines of code Vulnerability details Impact Initialize function have the potential of front running by a malicious actor. An attacker can front-run the deployer and takeover the contract by setting itself as the owner in the Contract. Taking ownership will result in carrying out malicious acts tha...

PT-2025-54162

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the initialization of wait queue head t. Specifically, the refscale test can occasionally cause a kernel crash due to an attempt to access an...

Kofax Power PDF printf Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ut...

Contract can be initialized with arbitrary or non functional address

Lines of code Vulnerability details Impact An attacker can pass invalid addresses to the initialize function, potentially leading to unexpected behavior and security vulnerabilities in the contract Proof of Concept The initialize function is intended to be called only once to initialize the...

The vulnerability of the amd_sfh_hid_client_init() function in the AMD Sensor Fusion Hub driver for Linux operating systems allows a hacker to induce a service failure.

The vulnerability of the amdsfhhidclientinit function in the AMD Sensor Fusion Hub driver for Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

Exploit for Improper Initialization in Linux Linux_Kernel

CVE-2022-0847-Exploit-Implementation This is a POC showing ho...

CLSA-2023-1688678532 Fix CVE(s): CVE-2021-41617

SECURITY UPDATE: Allows privilege escalation - debian/patches/CVE-2021-41617.patch: Added correct user group initialization. - CVE-2021-41617...

CVE-2022-48518

Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the startup trustlist, whi...

CVE-2022-48518

Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the startup trustlist, whi...

CVE-2023-26136

A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which originates from a vulnerability in the system where the signature verification service is...

CVE-2023-21638

Memory corruption in Video while calling APIs with different instance ID than the one received in initialization...

CVE-2023-21638 Incorrect Type Conversion or Cast in Video

Memory corruption in Video while calling APIs with different instance ID than the one received in initialization...

Qualcomm Chipsets 代码问题漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption issue that occurs when the API for calling the instance ID differs from the instance ID received in initialization...

PT-2023-18301 · Qualcomm · Snapdragon +40

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue involves memory corruption in video when calling APIs with a different instance ID than the one received during initialization. Recommendations: At the moment, there is no...

Owner will be address(0) because it is not initialized

Lines of code Vulnerability details Impact Owner will be address0 making the functions which use the onlyOwner modifier insolvable Proof of Concept There are contracts in the protocol which use the Ownable from OZ: esLBRBoost.sol, EUSDMiningIncentives.sol, ProtocolRewardsPool.sol,...

Ovarro TBox RTUs 安全特征问题漏洞

Ovarro TBox RTUs is a modular remote monitoring and automation solution from Ovarro Germany. The Ovarro TBox RTUs suffers from a security signature issue vulnerability that arises from the use of insufficient entropy to generate software security tokens, where the random seed used to generate the...