CVE-2022-2472

Improper Initialization vulnerability in the local server component of EZVIZ CS-C6N-A0-1C2WFR allows a local attacker to read the contents of the memory space containing the encrypted admin password. This issue affects: EZVIZ CS-C6N-A0-1C2WFR versions prior to 5.3.0 build 220428...

PT-2022-16828 · Ezviz · Ezviz Cs-C6N-A0-1C2Wfr-Mul

Name of the Vulnerable Software and Affected Versions: EZVIZ CS-C6N-A0-1C2WFR versions prior to 5.3.0 build 220428 Description: The issue is related to an Improper Initialization vulnerability in the local server component, allowing a local attacker to read the contents of the memory space...

PT-2024-11815

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue occurs during the driver initialization process in the Linux kernel, specifically in the drm/i915/gt module, where some engines may be fully set up while others are not, leadin...

Denial Of Service (DoS)

vim is vulnerable to Denial Of Service DoS.The vulnerability exists due to lack of proper initialization of the mouse click in domouse function in mouse.c, which allows an attacker to crash the application by providing a malicious input...

GHSA-FMQ7-GH8V-MJVC WildFly vulnerable to Insecure Default Initialization of Resource

A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain...

(0Day) Ansys SpaceClaim X_B File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XB...

(0Day) Ansys SpaceClaim X_B File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XB...

Exploit for Improper Initialization in Linux Linux_Kernel

CVE-2022-0847 Exploits Dirty Pipe O que é ? Divulga...

CVE-2022-36086

linkedlistallocator is an allocator usable for nostd systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than 3 sizeof:: because...

CVE-2022-36086 linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend`

linkedlistallocator is an allocator usable for nostd systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than 3 sizeof:: because...

CVE-2022-36086 linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend`

linkedlistallocator is an allocator usable for nostd systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than 3 sizeof:: because...

CVE-2022-36086 linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend`

linkedlistallocator is an allocator usable for nostd systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than 3 sizeof:: because...

CVE-2022-36086

CVE-2022-36086 relates to the Rust crate linked_list_allocator (no_std). Prior to 0.10.2, heap initialization methods could perform out-of-bounds writes when the heap size was too small (less than 3 × size_of::) due to metadata writes, affecting Heap::new, Heap::init, Heap::init_from_slice, Locke...

RUSTSEC-2022-0063 Multiple vulnerabilities resulting in out-of-bounds writes

The heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than 3 sizeof:: because of metadata write operations. When calling Heap::extend with a size smaller than two...

Improper Initialization

Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.35, read only calls between contracts can generate smart contracts results. For example, if contract A calls in read only mode contract B and the called function will make changes upon the contract's B...

CVE-2022-37128

In D-Link DIR-816 A2v1.10CNB04.img the network can be initialized without authentication via /goform/wizardend...

Authentication flaw

In D-Link DIR-816 A2v1.10CNB04.img the network can be initialized without authentication via /goform/wizardend...

USN-5572-2: Linux kernel (AWS) vulnerabilities

Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information guest kernel memory. CVE-2022-26365 Roger Pau Monné...

The vulnerability of the SBIOS component in the NVIDIA DGX A100 server’s SmbiosPei architecture allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the SBIOS component in the NVIDIA DGX A100 server’s SmbiosPei firmware is caused by a buffer overflow in the dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause system failures...

PT-2022-13442 · Apache · Apache Couchdb

Name of the Vulnerable Software and Affected Versions: Apache CouchDB affected versions not specified Description: The issue is related to an insecure default initialization of resources in Apache CouchDB, which could allow an attacker to elevate their privileges to the administrator level...