
8938 matches found

Positive Technologies
added 2021/06/10 12:0 a.m. · 2 views

PT-2021-6452 · Unknown +5 · Mod Auth Openidc +5

Name of the Vulnerable Software and Affected Versions: mod_auth_openidc versions prior to 2.4.9. Description: The issue is related to the AES GCM encryption in mod_auth_openidc, which uses a static IV and AAD. This creates a static nonce and can lead to known cryptographic issues since the same ke...

7.5 CVSS · 6.3 AI score · 0.01593 EPSS
Exploits 2 · References 83

Prion
added 2021/06/09 8:15 p.m. · 13 views

Input validation

Improper initialization in the BMC firmware for some Intel® Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable denial of service via local access...

2.1 CVSS · 5.3 AI score · 0.0005 EPSS
Exploits 0 · References 1 · Affected Software 1

ATTACKERKB
added 2021/06/09 8:15 p.m. · 9 views

CVE-2020-24475

Improper initialization in the BMC firmware for some Intel® Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable denial of service via local access...

5.5 CVSS · 5.7 AI score · 0.0005 EPSS
Exploits 0 · References 2

NVD
added 2021/06/09 7:15 p.m. · 14 views

CVE-2020-24507

Improper initialization in a subsystem in the Intel® CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access...

4.4 CVSS · 0.00128 EPSS
Exploits 0 · References 3

OSV
added 2021/06/09 7:15 p.m. · 2 views

CVE-2020-24507

Improper initialization in a subsystem in the Intel® CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access...

4.4 CVSS · 5.8 AI score · 0.00128 EPSS
Exploits 0 · References 3

ATTACKERKB
added 2021/06/09 7:15 p.m. · 2 views

CVE-2021-0095

Improper initialization in the firmware for some Intel® Processors may allow a privileged user to potentially enable a denial of service via local access...

4.4 CVSS · 5.3 AI score · 0.00118 EPSS
Exploits 0 · References 3

ATTACKERKB
added 2021/06/09 7:15 p.m. · 2 views

CVE-2020-24507

Improper initialization in a subsystem in the Intel® CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access...

4.4 CVSS · 5.3 AI score · 0.00128 EPSS
Exploits 0 · References 4

Prion
added 2021/06/09 7:15 p.m. · 12 views

Input validation

Improper initialization in a subsystem in the Intel® CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access...

2.1 CVSS · 4.9 AI score · 0.00128 EPSS
Exploits 0 · References 3 · Affected Software 5

Prion
added 2021/06/09 7:15 p.m. · 11 views

Input validation

Improper initialization in the firmware for some Intel® Processors may allow a privileged user to potentially enable a denial of service via local access...

2.1 CVSS · 5.3 AI score · 0.00118 EPSS
Exploits 0 · References 2

CVE
added 2021/06/09 6:47 p.m. · 74 views

CVE-2020-24507

CVE-2020-24507 is an information-disclosure vulnerability due to improper initialization in the Intel CSME subsystem. Reports in connected docs (Intel advisory INTEL-SA-00459) state it affects Intel CSME versions prior to: 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32,...

4.4 CVSS · 4.6 AI score · 0.00128 EPSS
Exploits 0 · References 3 · Affected Software 1

CNNVD
added 2021/06/09 12:0 a.m. · 1 views

Intel Processors Processing Logic Error Vulnerability

Intel Processors are provided by Intel Corporation USA to interpret computer instructions and process data in computer software. A Processing Logic Error vulnerability exists in Intel Processors, which arises from improper firmware initialization that could allow a privileged user to enable a...

4.4 CVSS · 5.1 AI score · 0.00118 EPSS
Exploits 0 · References 6

OSV
added 2021/06/08 12:15 p.m. · 1 views

AZL-34858 CVE-2021-3564 affecting package kernel for versions less than 6.6.35.1-4

A double-free memory corruption flaw in the Linux kernel HCI device initialization subsystem was found in the way a user attaches a malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13...

5.5 CVSS · 6.7 AI score · 0.00025 EPSS
Exploits 1 · References 1

CNNVD
added 2021/06/08 12:0 a.m. · 3 views

CSME Information Disclosure Vulnerability

CSME is known as the Intel Management Engine BIOS Extension. An information disclosure vulnerability exists in Intel® CSME that stems from improper subsystem initialization in CSME, which could allow a privileged user to locally access sensitive information, resulting in an information disclosure...

4.4 CVSS · 6.5 AI score · 0.00128 EPSS
Exploits 0 · References 9

CNNVD
added 2021/06/08 12:0 a.m. · 2 views

Intel INTEL-SA-00463 Security Vulnerability

Intel INTEL-SA-00463 is the BIOS firmware for Intel® processors from Intel Corporation USA. A security vulnerability exists in INTEL-SA-00463, which stems from an improper initialization of the processor's firmware that could allow a privileged user to enable privilege escalation via local access...

6.7 CVSS · 7.1 AI score · 0.00281 EPSS
Exploits 0 · References 10

Zero Day Initiative
added 2021/06/07 12:0 a.m. · 55 views

OpenText Brava! Desktop IGS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8 CVSS · 5.5 AI score · 0.00345 EPSS
Exploits 0

Positive Technologies
added 2021/06/05 12:0 a.m. · 3 views

PT-2024-11170 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.13-rc3. Description: The vulnerability is related to the initialization of cad_pid in the Linux kernel. During boot, kernel_init_freeable() initializes cad_pid to the init task's struct pid. Later, when cad_pid i...

8.8 CVSS · 6.5 AI score · 0.04469 EPSS
Exploits 16 · References 1528

OSV
added 2021/06/04 7:41 p.m. · 7 views

UVI-2021-1000578 net: hns3: put off calling register_netdev() until client initialize complete

net: hns3: put off calling register_netdev() until client initialize complete. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.42 by commit...

7.2 AI score
Exploits 0

OSV
added 2021/06/04 7:34 p.m. · 10 views

GSD-2021-1000532 net: hns3: put off calling register_netdev() until client initialize complete

net: hns3: put off calling register_netdev() until client initialize complete. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.9 by commit...

7.2 AI score
Exploits 0

Positive Technologies
added 2021/06/04 12:0 a.m. · 2 views

PT-2024-11278 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the initialization of the usb2 PHY glue in the Linux kernel when only PHY1 is used, such as on the Odroid-HC4 device. The regmap init code uses the usb2 ports...

5.5 CVSS · 6.8 AI score · 0.00021 EPSS
Exploits 0 · References 17

Tenable Nessus
added 2021/06/03 12:0 a.m. · 53 views

EulerOS 2.0 SP9 : grub2 (EulerOS-SA-2021-1948)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking, allowing a privileged attacker to...

8.2 CVSS · 7.8 AI score · 0.01451 EPSS
Exploits 0 · References 8