Initialization functions can be front-run with malicious values

Handle 0xRajeev Vulnerability details Impact Most contracts have public visibility initialization functions that can be front-run, allowing an attacker to incorrectly initialize the contracts. Due to the use of the delegatecall proxy pattern, PrizePool/YieldSourcePrizePool/StakePrizePool,...

Low: samba

Issue Overview: No CVE associated with this advisory Affected Packages: samba Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update samba or yum update...

Missing initialization checks and setters for critical parameters of maxExitFee and maxTimelockDuration

Handle 0xRajeev Vulnerability details Impact maxExitFee and maxTimelockDuration are critical parameters that impact the UX and prize rewards for users. They are initialized once in initialize without any sanity/threshold checks and also lack any setters for modifying their values later in case of...

Autodesk Design Review TIF File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

SUSE SLES12 Security Update : kernel (Live Patch 39 for SLE 12 SP3) (SUSE-SU-2021:2026-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2026-1 advisory. - In l2tpsessiondelete and related functions of l2tpcore.c, there is possible memory corruption due to a use after free. This could...

PT-2021-8249 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a potential memory leak in the cppc cpufreq cpu init component of the Linux kernel. This memory leak occurs when resources are allocated but not freed in case o...

Security update for htmldoc (important)

openSUSE Security Update: Security update for htmldoc Announcement ID: openSUSE-SU-2021:0895-1 Rating: important References: 1184424 Cross-References: CVE-2021-20308 CVSS scores: CVE-2021-20308 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-20308 SUSE: 3.3...

QEMU 输入验证错误漏洞

QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. QEMU suffers from an input validation error vulnerability that stems from an integer overflow in initdevring that does not check the malloc siz...

QEMU Invalid Pointer Initialization Vulnerability (CNVD-2021-45768)

QEMU is a suite of analog processor software. A security vulnerability exists in QEMU that stems from the function udp6input using memory outside of the working mbuf buffer when processing udp packets from incoming guests that are smaller than the size of the udphdr structure. An attacker could...

QEMU Invalid Pointer Initialization Vulnerability (CNVD-2021-45769)

QEMU is a suite of analog processor software. A security vulnerability exists in QEMU that stems from the use of memory outside of the working mbuf buffer by the function udp6input when processing udp packets from incoming guests that are smaller than the size of the udphdr structure. An attacker...

CVE-2021-3594

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udpinput function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or...

Out-of-bounds

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftpinput function and could occur while processing a udp packet that is smaller than the size of the 'tftpt' structure. This issue may lead to out-of-bounds read access or...

Design/Logic Flaw

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootpinput function and could occur while processing a udp packet that is smaller than the size of the 'bootpt' structure. A malicious guest could use this flaw to leak 10 byte...

Out-of-bounds

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udpinput function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or...

UBUNTU-CVE-2021-3592

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootpinput function and could occur while processing a udp packet that is smaller than the size of the 'bootpt' structure. A malicious guest could use this flaw to leak 10 byte...

CVE-2021-3592

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootpinput function and could occur while processing a udp packet that is smaller than the size of the 'bootpt' structure. A malicious guest could use this flaw to leak 10 byte...

CVE-2021-3592

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootpinput function and could occur while processing a udp packet that is smaller than the size of the 'bootpt' structure. A malicious guest could use this flaw to leak 10 byte...

CVE-2021-3595

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftpinput function and could occur while processing a udp packet that is smaller than the size of the 'tftpt' structure. This issue may lead to out-of-bounds read access or...

CVE-2021-28687

HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline, but not all of...

CVE-2021-28687

CVE-2021-28687 concerns Xen hypervisor in HVM domains. The issue arises from a path where the soft-reset feature does not initialize the libxl__domain_suspend_state structure, causing an assert when the guest initiates a soft reboot. This leads to crashing of the process monitoring the guest. Imp...