Lucene search

8959 matches found

Code423n4
added 2022/08/27 12:0 a.m., 11 views

Timelock can be set by anyone except admin since it was not initialized

Lines of code Vulnerability details Impact Timelock can be manipulated by anyone Proof of Concept Timelock NounsDAOExecutor can be set by anyone since timelock was not set acceptAdmin on initialize so it can be manipulated. Tools Used Manual Review Recommended Mitigation Steps Adding...

6.9 AI score
Exploits 0
OSV
added 2022/08/26 6:15 p.m., 3 views

AZL-35347 CVE-2022-0175 affecting package virglrenderer for versions less than 0.9.1-3

A flaw was found in the VirGL virtual OpenGL renderer virglrenderer. The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading t...

5.5 CVSS, 5.7 AI score, 0.0012 EPSS
Exploits 0, References 1
ATTACKERKB
added 2022/08/26 6:15 p.m., 2 views

CVE-2022-0175

A flaw was found in the VirGL virtual OpenGL renderer virglrenderer. The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading t...

5.5 CVSS, 5.8 AI score, 0.0012 EPSS
Exploits 0, References 7
CVE
added 2022/08/26 12:0 a.m., 148 views

CVE-2022-0175

CVE-2022-0175 affects virglrenderer (VirGL virtual OpenGL renderer). A flaw in how memory is initialized for host-backed resources allows a malicious guest to mmap the guest kernel and read uninitialized host memory, potentially leaking information. Impact is information disclosure; attack vector...

5.5 CVSS, 5 AI score, 0.0012 EPSS
Exploits 0, References 6, Affected Software 1
Cvelist
added 2022/08/26 12:0 a.m., 9 views

CVE-2022-0175

A flaw was found in the VirGL virtual OpenGL renderer virglrenderer. The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading t...

5.5 AI score, 0.0012 EPSS
Exploits 0, References 6
OpenVAS
added 2022/08/26 12:0 a.m., 28 views

Ubuntu: Security Advisory (USN-819-1)

The remote host is missing an update for the...

7.8 CVSS, 6.6 AI score, 0.17556 EPSS
Exploits 17, References 2
OpenVAS
added 2022/08/26 12:0 a.m., 28 views

Ubuntu: Security Advisory (USN-5579-1)

The remote host is missing an update for the...

7.1 CVSS, 7.8 AI score, 0.0005 EPSS
Exploits 0, References 2
OpenVAS
added 2022/08/26 12:0 a.m., 22 views

Ubuntu: Security Advisory (USN-5299-1)

The remote host is missing an update for the...

7.8 CVSS, 7.5 AI score, 0.01405 EPSS
Exploits 6, References 2
Ubuntu
added 2022/08/25 3:58 a.m., 117 views

USN-5582-1: Linux kernel (Azure CVM) vulnerabilities

Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. (CVE-2022-34918) Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux...

7.8 CVSS, 7.6 AI score, 0.54873 EPSS
Exploits 25
CISA KEV Catalog
added 2022/08/25 12:0 a.m., 33 views

Apache CouchDB Insecure Default Initialization of Resource Vulnerability

Apache CouchDB contains an insecure default initialization of resource vulnerability which can allow an attacker to escalate to administrative privileges...

10 CVSS, 4.7 AI score, 0.94383 EPSS
In wild, Exploits 8
ATTACKERKB
added 2022/08/24 4:15 p.m., 2 views

CVE-2021-4037

A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the Linux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belon...

7.8 CVSS, 6.6 AI score, 0.00141 EPSS
Exploits 2, References 8
Debian CVE
added 2022/08/24 12:0 a.m., 52 views

CVE-2021-4037

A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the Linux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belon...

7.8 CVSS, 6.4 AI score, 0.00047 EPSS
Exploits 1
OSV
added 2022/08/22 5:15 p.m., 1 views

CVE-2022-32480

Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated attacker may potentially exploit this vulnerability, leading to information disclosure...

6.5 CVSS, 6.6 AI score, 0.0037 EPSS
Exploits 0, References 1
Cvelist
added 2022/08/22 4:50 p.m., 13 views

CVE-2022-32480

Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated attacker may potentially exploit this vulnerability, leading to information disclosure...

4.3 CVSS, 6.3 AI score, 0.0037 EPSS
Exploits 0, References 1
CNNVD
added 2022/08/22 12:0 a.m., 1 views

Dell PowerScale OneFS security vulnerability

Dell PowerScale OneFS is an operating system from Dell (USA) that provides horizontal scaling of NAS. A security vulnerability exists in Dell PowerScale OneFS versions 9.0.0 through 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, which stems from an insecure default...

6.5 CVSS, 6.5 AI score, 0.0037 EPSS
Exploits 0, References 2
Positive Technologies
added 2022/08/22 12:0 a.m., 3 views

PT-2022-21336 · Dell · Dell Powerscale Onefs

Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS versions 9.0.0 through 9.1.0.19; Dell PowerScale OneFS version 9.2.1.12; Dell PowerScale OneFS version 9.3.0.6; Dell PowerScale OneFS version 9.4.0.2. Description: The issue is related to an insecure default initialization o...

6.5 CVSS, 6.1 AI score, 0.0037 EPSS
Exploits 0, References 2
OSV
added 2022/08/18 9:15 p.m., 1 views

CVE-2022-32579

Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via physical access...

7.2 CVSS, 5.8 AI score, 0.00144 EPSS
Exploits 0, References 1
OSV
added 2022/08/18 9:15 p.m., 1 views

CVE-2022-27493

Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable an escalation of privilege via local access...

7.8 CVSS, 7.1 AI score, 0.00145 EPSS
Exploits 0, References 1
Prion
added 2022/08/18 9:15 p.m., 23 views

Input validation

Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via physical access...

4 CVSS, 7 AI score, 0.00144 EPSS
Exploits 0, References 1, Affected Software 2
OSV
added 2022/08/18 8:15 p.m., 3 views

CVE-2022-24378

Improper initialization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access...

5.5 CVSS, 5.8 AI score
Exploits 0, References 1