CVE-2022-29695

Unicorn Engine v2.0.0-rc7 contains memory leaks caused by an incomplete unicorn engine initialization...

PT-2022-3953 · Document Foundation +8 · Libreoffice +8

Name of the Vulnerable Software and Affected Versions: LibreOffice versions prior to 7.2.7 LibreOffice versions prior to 7.3.1 Description: The issue is related to insufficiently strong encryption of data in the user configuration database of LibreOffice. This weakness can be exploited by a remot...

CVE-2022-26722

A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges...

CVE-2022-26721

A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges...

CVE-2022-26721

A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges...

CVE-2022-26722

A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges...

CVE-2022-26722

A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges...

CVE-2022-26721

A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges...

CVE-2022-26722

A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges...

CVE-2022-26722

Summary (CVE-2022-26722): The memory initialization issue is fixed in Security Update 2022-004 for macOS Catalina, macOS Monterey 12.4, and macOS Big Sur 11.6.6. The vulnerability could allow a malicious application to gain root privileges. Publicly available connected documents confirm the same ...

CVE-2022-26721

A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges...

The vulnerability of the chown_one() function in the initialization subsystem and systemd service management allows a attacker to increase their privileges.

The vulnerability of the chownone function in the system initialization and systemd service management subsystem is related to the simultaneous execution using a shared resource with incorrect synchronization. Exploiting this vulnerability can allow an attacker to increase their privileges...

EulerOS 2.0 SP3 : python-pillow (EulerOS-SA-2022-1760)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. CVE-2022-22815 - pathgetbbox in path.c in Pillow befor...

PT-2022-6491 · Sox +4 · Sox +4

Name of the Vulnerable Software and Affected Versions: SoX version 14.4.2 Description: The issue is related to an assertion failure in the rate init function within the rate.c component of the SoX audio editor. This failure is due to insufficient use of the assert function. Exploitation of this...

GHSA-CJW4-2W9R-R8MV Missing Initialization of Resource in Apache Arrow

While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered Apache Arrow versions 0.12.0 to 0.14.1, left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby and R implementations. The uninitialized memory...

Magento 2 Community Edition Cryptographic Flaw

A cryptograhic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A weak cryptograhic mechanism is used to generate the intialization vector in multiple security relevant contexts...

Missing Initialization of Resource in Apache Arrow

While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered Apache Arrow versions 0.12.0 to 0.14.1, left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby and R implementations. The uninitialized memory...

Use of Uninitialized Function Pointer

Description When providing a crafted input binary to radare2, the context-readaddr function pointer is never initialized before use. This is due to the switch statement responsible for the assignment not finding a matching value for its switch cases. Calling function c static bool...

CVE-2021-1405

A flaw was found in clamav. The email parsing module could allow an unauthenticated, remote attacker to cause a denial of service condition due to improper variable initialization that may result in an NULL pointer read. The highest threat from this vulnerability is to system availability...

The vulnerability of the CouchDB database management system, related to insecure resource initialization, allows attackers to escalate their privileges.

The vulnerability of the CouchDB database management system is related to the insecure initialization of resources. Exploiting this vulnerability can allow an attacker, operating remotely, to increase their privileges...