CVE-2022-42285

DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization PEIphase, where a privileged user can disable SPI flash protection, which may lead to denial of service, escalation of privileges, or data tampering...

libreoffice: Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password

A flaw was found in LibreOffice, where the required initialization vector for encryption was always the same. Stored passwords are encrypted with a single master key provided by the user. This issue weakens the security of the encryption, making them vulnerable if an attacker has access to the...

CVE-2021-26407

A randomly generated Initialization Vector IV may lead to a collision of IVs with the same key potentially resulting in information disclosure...

CVE-2021-26407

A randomly generated Initialization Vector IV may lead to a collision of IVs with the same key potentially resulting in information disclosure...

CVE-2021-26328

Failure to verify the mode of CPU execution at the time of SNPINIT may lead to a potential loss of memory integrity for SNP guests...

AMD Secure Processor 安全漏洞

AMD Secure Encrypted Virtualization is a product of AMD Semiconductor, Inc. AMD Secure Encrypted Virtualization is a software application.AMD System Management Unit SMU is a system management unit. AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip. A security vulnerability exists in AM...

CVE-2021-26407

A randomly generated Initialization Vector IV may lead to a collision of IVs with the same key potentially resulting in information disclosure...

CVE-2021-26407

A randomly generated Initialization Vector IV may lead to a collision of IVs with the same key potentially resulting in information disclosure...

CVE-2021-26407

CVE-2021-26407 describes an information-disclosure risk from a collision of randomly generated IVs with the same key. Public references in AMD security bulletins enumerate affected AMD EPYC platforms and related components (ASP, SMU, SEV) and document mitigation steps via firmware/AGESA updates. ...

PT-2023-1488 · Amd · Amd System Management Unit +2

Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP affected versions not specified AMD System Management Unit SMU affected versions not specified AMD Secure Encrypted Virtualization SEV affected versions not specified Description: The issue is related to errors in...

AMD Server Vulnerabilities – January 2023

Bulletin ID: AMD-SB-1032 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary During security reviews in collaboration with Google, Microsoft, and Oracle, potential vulnerabilities in the AMD Secure Processor ASP, AMD System Management Un...

PT-2025-13355

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns data corruption on vram allocated by svm if initialization is not complete and an application is writing to the memory. To resolve this, a sync has been added after...

Destruction of the SmartAccount implementation

Lines of code Vulnerability details Description If the SmartAccount implementation contract is not initialized, it can be destroyed using the following attack scenario: Initialize the SmartAccount implementation contract using the init function. Execute a transaction that contains a single...

Contract cannot be initialized due to revert

Lines of code Vulnerability details Impact TokenggAVAX.initialize would revert due to the constructor setting initialized to typeuint8.max = 255 thus making initialized not less than 1. This does not pass the require check in initializer modifier, thus resulting to a revert thereby making...

PT-2025-54100

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a flaw in the block cgroup blk-cgroup subsystem. Specifically, a NULL pointer dereference could occur due to blkg policy data being installed before...

PT-2025-49714

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the handling of request queue quality of service rq qos APIs. Specifically, concurrent access to rq qos without proper synchronization...

Inventory of Non-initialized LTO-9 Tape Fails for HPE MSL2024 and 1/8 G2 Autoloader Tape Libraries

Challenge If Veeam Backup & Replication attempts to load an LTO-9 tape that has not been initialized or has an unknown status in the library, the library will report the error Source Not Ready error SCSI Check Condition 05/4481. Error MTSCSI PASS THROUGH DIRECT ended with Scsi Error Fixed format,...

CVE-2022-40959

During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...

Design/Logic Flaw

If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the ThirdPartyUtil component. This vulnerability affects Firefox 106...

Exploit for Improper Initialization in Linux Linux_Kernel

CVE...