8959 matches found

Prion
added 2022/04/14 4:15 p.m. | 22 views

Input validation

Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices, packets received on the management interface em0 but not destined to the device, may be improperly forwarded to an egress interface, instead of being discarded. Such traffic being sent by a client may...

CVSS 6.4 | AI score 6.4 | EPSS 0.0039
Exploits 0 | References 1 | Affected Software 1

BDU FSTEC
added 2022/04/14 12:0 a.m. | 1 views

The vulnerability of the psf_binheader_readf() function in the library for reading and writing audio files libsndfile allows an attacker to cause a denial of service.

The vulnerability of the psf_binheader_readf function in the library for reading and writing audio files libsndfile is due to errors during initialization. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

CVSS 7.8 | AI score 5.5
Exploits 0 | References 5 | Affected Software 3

ATTACKERKB
added 2022/04/13 4:0 p.m. | 4 views

CVE-2022-22186

Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices, packets received on the management interface em0 but not destined to the device, may be improperly forwarded to an egress interface, instead of being discarded. Such traffic being sent by a client may...

CVSS 7.2 | AI score 6.6 | EPSS 0.0039
Exploits 0 | References 2 | Affected Software 1

Ubuntu
added 2022/04/13 2:49 a.m. | 148 views

USN-5377-1: Linux kernel (BlueField) vulnerabilities

It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1055) Yiqi Sun and Kevin Wang discovered that the...

CVSS 9 | AI score 8 | EPSS 0.54322
Exploits 20

OSV
added 2022/04/12 5:15 p.m. | 1 views

CVE-2022-21168

The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure...

CVSS 5.5 | AI score 6.1 | EPSS 0.00167
Exploits 0 | References 1

Cvelist
added 2022/04/12 4:11 p.m. | 15 views

CVE-2022-21168 ICSA-22-090-03 Fuji Electric Alpha5

The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure...

CVSS 3.3 | AI score 5.5 | EPSS 0.00167
Exploits 0 | References 1

Vulnrichment
added 2022/04/12 4:11 p.m. | 9 views

CVE-2022-21168 ICSA-22-090-03 Fuji Electric Alpha5

The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure...

CVSS 3.3 | AI score 6.4 | EPSS 0.00167
Exploits 0 | References 1

CVE
added 2022/04/12 4:11 p.m. | 87 views

CVE-2022-21168

Fuji Electric Alpha5 is affected by CVE-2022-21168 due to an invalid pointer initialization in C5V file parsing, enabling information disclosure. The root cause is an uninitialized pointer accessed during parsing, with vulnerability details appearing in multiple sources (NVD entry, ICS advisory, ...

CVSS 5.5 | AI score 4.6 | EPSS 0.00167
Exploits 0 | References 1 | Affected Software 1

CNNVD
added 2022/04/12 12:0 a.m. | 3 views

Bentley Systems Bentley View security vulnerability

Bentley Systems Bentley View is a free viewer from Bentley Systems, USA. A security vulnerability exists in Bentley View version 10.16.02.022, which stems from a specific flaw in the 3DM file parsing process that does not properly initialize memory before accessing it. An attacker could exploit t...

CVSS 7.8 | AI score 7.6 | EPSS 0.00395
Exploits 0 | References 4

Zero Day Initiative
added 2022/04/12 12:0 a.m. | 31 views

Bentley MicroStation CONNECT 3DM File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8 | AI score 5.9 | EPSS 0.00395
Exploits 0 | References 1

CNNVD
added 2022/04/07 12:0 a.m. | 1 views

Bentley Systems MicroStation code injection vulnerability

Bentley Systems MicroStation is a CAD software platform for 2D and 3D design and drafting from Bentley Systems, USA. A code injection vulnerability exists in Bentley MicroStation CONNECT version 10.16.02.34, which originates from not properly initializing memory before accessing it. An attacker...

CVSS 7.8 | AI score 7.6 | EPSS 0.00285
Exploits 0 | References 4

Oracle Linux
added 2022/04/07 12:0 a.m. | 53 views

Unbreakable Enterprise kernel-container security update

4.14.35-2047.511.5.5.1.el7uek - netfilter: nf_tables: initialize registers in nft_do_chain Pablo Neira Ayuso Orabug: 34018777 CVE-2022-1016...

AI score 3.6 | EPSS 0.00014
Exploits 10

NVD
added 2022/04/06 10:15 a.m. | 11 views

CVE-2021-44169

An improper initialization in Fortinet FortiClient Windows version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows an attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...

CVSS 8.8 | EPSS 0.00113
Exploits 0 | References 1

Prion
added 2022/04/06 10:15 a.m. | 15 views

Input validation

An improper initialization in Fortinet FortiClient Windows version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows an attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...

CVSS 4.6 | AI score 8.7 | EPSS 0.00113
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2022/04/06 9:30 a.m. | 18 views

CVE-2021-44169

An improper initialization in Fortinet FortiClient Windows version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows an attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...

CVSS 8.2 | AI score 9 | EPSS 0.00113
Exploits 0 | References 1

GithubExploit
added 2022/04/03 2:8 p.m. | 177 views

Exploit for Improper Initialization in Linux Linux_Kernel

CVE-2022-0847 L...

CVSS 7.8 | AI score 7.8 | EPSS 0.81981
Exploits 100

BDU FSTEC
added 2022/04/01 12:0 a.m. | 0 views

The vulnerability of the AES GCM encryption function of the authentication and authorization module for the Apache 2.x HTTP server Mod_auth_openidc allows a perpetrator to access confidential data.

The vulnerability of the AES GCM module’s authentication and authorization function for the Apache 2.x HTTP server Mod_auth_openidc is related to the use of static IVs and AADs. Exploiting this vulnerability allows a malicious actor to gain access to confidential data...

CVSS 5.9 | EPSS 0.00513
Exploits 0 | References 7 | Affected Software 3

Code423n4
added 2022/03/29 12:0 a.m. | 6 views

Constructor cannot be used in upgradeable contracts

Lines of code Vulnerability details Details As per OpenZeppelin’s documentation, “Due to a requirement of the proxy-based upgradeability system, no constructors can be used in upgradeable contracts.” reason being “the code within a logic contract’s constructor will never be executed in the contex...

AI score 6.9
Exploits 0

CISA KEV Catalog
added 2022/03/28 12:0 a.m. | 20 views

Microsoft Win32k Privilege Escalation Vulnerability

The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize a pointer for the next object in a certain list, which allows local users to gain privileges...

CVSS 7.8 | AI score 5.6 | EPSS 0.70632
In wild | Exploits 6

OSV
added 2022/03/23 8:37 p.m. | 2 views

CLSA-2022-1648067859 Fix of CVE: CVE-2022-0847

lib/iov_iter: initialize "flags" in new pipe_buffer Max Kellermann CVE-2022-0847...

CVSS 7.8 | AI score 7 | EPSS 0.81981
Exploits 100 | References 1