Input validation

Improper initialization for some IntelR PROSet/Wireless WiFi and KillerTM WiFi products may allow a privileged user to potentially enable escalation of privilege via local access...

Input validation

Improper initialization in the IntelR Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access...

CVE-2022-27493

CVE-2022-27493 affects firmware in some Intel NUC Laptop Kits prior to BC0076, enabling local privilege escalation via improper initialization. The vulnerability is a firmware issue in the device initialization path that could be exploited by a privileged local user. Intel’s advisory (Intel SA-00...

USN-5572-1 linux-aws vulnerabilities

Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information guest kernel memory. CVE-2022-26365 Roger Pau Monné...

CVE-2021-23223

Improper initialization for some IntelR PROSet/Wireless WiFi and KillerTM WiFi products may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2021-23223

Improper initialization for some IntelR PROSet/Wireless WiFi and KillerTM WiFi products may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2021-23223

CVE-2021-23223 : Affected Intel PROSet/Wireless WiFi and Killer WiFi products suffer improper initialization that may allow a privileged local user to escalate privileges. Affected software includes Intel PROSet/Wireless WiFi driver/software (Windows/Linux) and Killer WiFi software; Intel’s advis...

CVE-2022-26306

A flaw was found in LibreOffice, where the required initialization vector for encryption was always the same. Stored passwords are encrypted with a single master key provided by the user. This issue weakens the security of the encryption, making them vulnerable if an attacker has access to the...

CVE-2022-37400

Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where the required initialization vector for encryption was always the same...

Apache OpenOffice 安全特征问题特征问题漏洞

Apache OpenOffice is an open source office software suite from the U.S. Apache Apache Foundation. The suite contains text documents, spreadsheets, presentations, drawings, databases, and more. A security signature issue vulnerability exists in Apache OpenOffice versions prior to 4.1.13, which ste...

NetBSD Kernel stat System Call Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of NetBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the stat...

Exploit for Improper Initialization in Linux Linux_Kernel

CVE-2022-0847 Modified dirtypipe script into auto root without...

CVE-2022-37400 Apache OpenOffice Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password

Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where the required initialization vector for encryption was always the same...

PT-2022-23973 · Apache · Apache Openoffice +1

Name of the Vulnerable Software and Affected Versions: Apache OpenOffice versions prior to 4.1.13 Description: A flaw in Apache OpenOffice exists where the required initialization vector for encryption is always the same, weakening the security of the encryption. This makes stored passwords...

USN-5562-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

USN-5560-2 linux-hwe, linux-aws-hwe, linux-azure, linux-gcp, linux-oracle vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

USN-5560-1: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

Intel NUC 安全漏洞

Intel NUC is a small minicomputer from Intel USA. A security vulnerability exists in Intel NUC Laptop Kits, which stems from incorrect initialization. An attacker exploited the vulnerability to elevate privileges...

Intel PROSet/Wireless WiFi Software 安全漏洞

Intel PROSet/Wireless WiFi Software is a wireless network card driver from Intel Corporation USA. A security vulnerability exists in Intel PROSet/Wireless WiFi Software versions prior to 22.120 and KillerTM WiFi versions prior to 3.1122.1105, which stems from incorrect initialization and could...

Intel® IPP Cryptography Advisory

Summary: A potential security vulnerability in an Intel® Integrated Performance Primitives IPP Cryptography software library may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-26083 Description:...