CVE-2021-34703

A vulnerability in the Link Layer Discovery Protocol LLDP message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition. This vulnerability is due to improper initialization of a...

USN-5073-3: Linux kernel (Raspberry Pi) vulnerabilities

Norbert Slusarek discovered that the CAN broadcast manger bcm protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-34693 Murray McAllister discovered that the...

The vulnerability of the libxl__domain_suspend_state structure in Xen hypervisors lies in the lack of resource initialization, which allows attackers to trigger a service failure.

The vulnerability of the libxldomainsuspendstate structure in Xen hypervisors stems from the fact that this structure does not utilize the standard initialization and deallocation mechanism. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the Linux operating system’s kernel, related to memory initialization errors, allows a hacker to cause a system failure.

The vulnerability of the Linux operating system’s kernel is related to memory initialization errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

The vulnerability of the BIOS configuration in the BSSA DFT microprogramming software for Intel Xeon Scalable Processors, Intel Xeon Processors D, Intel Xeon Processors E5 v4, Intel Xeon Processors E5 v3, and Intel Xeon Processors W allows a hacker to gain increased privileges.

The vulnerability of the BIOS configuration designed for testing microprogramming software for Intel Xeon Scalable Processors, Intel Xeon Processors D, Intel Xeon Processors E5 v4, Intel Xeon Processors E5 v3, and Intel Xeon Processors W is related to initialization errors. Exploiting this...

Exploit for CVE-2021-38647

cve-2021-38647 A PoC exploit for CVE-2021-38647 RCE in OMI. E...

Exploit for CVE-2021-38647

OMIGOD Proof on Concept Exploit for CVE-2021-38647 OMIGOD F...

GHSA-Q4H9-46XG-M3X9 UUPSUpgradeable vulnerability in @openzeppelin/contracts-upgradeable

Impact Upgradeable contracts using UUPSUpgradeable may be vulnerable to an attack affecting uninitialized implementation contracts. We will update this advisory with more information soon. Patches A fix is included in version 4.3.2 of @openzeppelin/contracts and @openzeppelin/contracts-upgradeabl...

Ulfius Web Framework Remote Memory Corruption Exploit

Ulfius Web Framework suffers from a remote memory corruption vulnerability. When parsing malformed HTTP requests, a heap-related initialization bug is triggered resulting in a crash in the server or potentially remote code execution with privileges of the running process. !/usr/bin/python3 guul.p...

Juniper Junos OS DoS (JSA11184)

The version of Junos OS installed on the remote host is affected by a denial of service vulnerability as referenced in the JSA11184 advisory. - Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise PE chipset-based line cards...

Ulfius Web Framework Remote Memory Corruption

!/usr/bin/python3 guul.py Ulfius Web Framework Remote Memory Corruption Vulnerability Jeremy Brown Sept 2021 Intro Ulfius Web Framework is used by a number of different projects to build web services. Some of the projects tested and confirmed vulnerable are Glewlwyd SSO Server, Taliesin Audio...

Potential DOS in Contracts Inheriting UUPSUpgradeable.sol

Handle leastwood Vulnerability details Impact There are a number of contracts which inherit UUPSUpgradeable.sol, namely; GovernanceAction.sol, PauseRouter.sol and NoteERC20.sol. All these contracts are deployed using a proxy pattern whereby the implementation contract is used by the proxy contrac...

CVE-2021-1857

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processi...

CVE-2021-1860

A memory initialization issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to disclose kernel memory...

DEBIAN-CVE-2021-1820

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory...

CVE-2021-1820

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory...

UBUNTU-CVE-2021-1820

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory...

Memory corruption

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory...

CVE-2021-1820

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory...

CVE-2021-1820

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory...