CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2022/11/09 12:0 a.m.•4 views

PT-2025-13284

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A locking issue in the Linux kernel's f2fs file system has been resolved. The problem occurred because spin lock&sbi-error lock was called before spin lock init was called, resulting in ...

5.5CVSS5.5AI score0.00008EPSS

Exploits0References19

Code423n4•added 2022/11/09 12:0 a.m.•32 views

Unsafe Initializations Of Bridge Contracts

Lines of code Vulnerability details Vulnerability Details During the zkSync initialization process, several complicated tasks would be required to execute. Incorrect configurations in some tasks could lead to unexpected vulnerabilities. One task of the zkSync initialization process is deploying a...

7.1AI score

RedHat Linux•added 2022/11/08 9:32 a.m.•1 views

kernel: drm/virtio: Ensure that objs is not NULL in virtio_gpu_array_put_free()

A flaw was found in the virtio-gpu module in the Linux kernel. If the initialization fails, for example, due to a fault injection, a missing check in the virtiogpuarrayputfree function can cause a NULL pointer dereference, resulting in a denial of service...

5.5CVSS6.5AI score0.00017EPSS

RedHat Linux•added 2022/11/08 9:32 a.m.•1 views

kernel: ath9k_htc: fix uninit value bugs

In the Linux kernel, the following vulnerability has been resolved: ath9khtc: fix uninit value bugs Syzbot reported 2 KMSAN bugs in ath9k. All of them are caused by missing field initialization. In htcconnectservice svcmetalen and pad are not initialized. Based on code it looks like in current sk...

5.5CVSS6.4AI score0.00007EPSS

RedHat Linux•added 2022/11/08 9:32 a.m.•2 views

kernel: RDMA/hfi1: Prevent use of lock before it is initialized

In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent use of lock before it is initialized If there is a failure during probe of hfi1 before the sdmamaplock is initialized, the call to hfi1freedevdata will attempt to use a lock that has not been initialized. If th...

5.5CVSS6.3AI score0.00011EPSS

Tenable Nessus•added 2022/11/07 12:0 a.m.•40 views

Siemens SIMATIC S7-1500 Improper Initialization (CVE-2020-8744)

Improper initialization in subsystem for IntelR CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, IntelR TXE versions before 4.0.30 IntelR SPS versions before E305.01.04.200 may allow a privileged user to potentially enable escalation of privilege via local access. This plugin...

7.8CVSS7.3AI score0.0016EPSS

Exploits0References7

Positive Technologies•added 2022/11/05 12:0 a.m.•3 views

PT-2022-24952 · Wasmtime · Wasmtime

Name of the Vulnerable Software and Affected Versions: Wasmtime versions prior to 2.0.2 Description: There is a bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance, the initial heap snapshot of the prior instance can be...

8.6CVSS8.2AI score0.00333EPSS

Exploits0References17

CNNVD•added 2022/11/04 12:0 a.m.•2 views

OpenZeppelin 安全漏洞

OpenZeppelin is a software application. A standard for secure blockchain applications. A security vulnerability exists in OpenZeppelin Contracts versions 3.2.0 and later through 4.4.1 and earlier, which stems from an exception set to support multiple inheritance that breaks the expectation of a...

5.6CVSS6AI score0.00587EPSS

Exploits0References3

Cvelist•added 2022/11/04 12:0 a.m.•14 views

CVE-2022-39384 OpenZeppelin Contracts initializer reentrancy may lead to double initialization

OpenZeppelin Contracts is a library for secure smart contract development. Before version 4.4.1 but after 3.2.0, initializer functions that are invoked separate from contract creation the most prominent example being minimal proxies may be reentered if they make an untrusted non-view external cal...

5.6CVSS6AI score0.00587EPSS

Code423n4•added 2022/11/03 12:0 a.m.•16 views

reentrancyGuardInitializer modifier used on constructor and Initialize functions

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. In L1ERC20Bridge.sol there are two places where the reentrancyGuardInitializer modifier is used. It's found on both the constructor function and also on the initialize function. This is a problem becaus...

6.8AI score

Positive Technologies•added 2022/10/26 12:0 a.m.•2 views

PT-2022-36709 · Oracle · Java.Base

Name of the Vulnerable Software and Affected Versions: java.base affected versions not specified Description: A security exception crash has been reported. The crash occurs in the jaz.Zer class during the initialization process, specifically in the java.lang.Class.forName0 and...

7AI score

CNNVD•added 2022/10/24 12:0 a.m.•1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly initializing memory. An attacker could exploit this vulnerability to execute arbitrary code in...

5.1CVSS6.6AI score0.00094EPSS

Code423n4•added 2022/10/23 12:0 a.m.•9 views

Uninitialized local variable uint256 _i

Lines of code Vulnerability details Impact Uninitialized local variable uint256 i is a variable that was declared inside a function but it was not assigned a value. It contains default value for that data type. Using an uninitialized variable in an expression may give unexpected results or cause...

6.8AI score

OSV•added 2022/10/21 2:24 p.m.•1 views

USN-5695-1 linux-gcp vulnerabilities

It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information kernel memory. CVE-2022-0812 Moshe Kol, Amit Klein and Yossi Gilad discovered tha...

8.2CVSS6.7AI score0.00442EPSS

Exploits1References10

OSV•added 2022/10/21 11:15 a.m.•1 views

UBUNTU-CVE-2022-3637

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function jlinkinit of the file monitor/jlink.c of the component BlueZ. The manipulation leads to denial of service. It is recommended to apply a patch to fix this issue. The identifier of...

5.5CVSS6AI score0.00024EPSS

Positive Technologies•added 2022/10/21 12:0 a.m.•2 views

PT-2022-36695 · Oracle · Java.Base

7AI score