Record::read : Custom `Read` on uninitialized buffer may cause UB

Affected versions of this crate passes an uninitialized buffer to a user-provided Read implementation. Record::read Arbitrary Read implementations can read from the uninitialized buffer memory exposure and also can return incorrect number of bytes written to the buffer. Reading from uninitialized...

SUSE SLES15 Security Update : stunnel (SUSE-SU-2021:0194-1)

This update for stunnel fixes the following issues : Security issue fixed : The 'redirect' option was fixed to properly handle 'verifyChain = yes' bsc1177580. Non-security issues fixed : Fix startup problem of the stunnel daemon bsc1178533 update to 5.57 : - Security bugfixes - New features - New...

Exploit for Improper Initialization in Apple Ipados

This is a PoC exploit for CVE-2020-27950, a vulnerability in the macOS kernel that allows for a port pointer leak. The exploit targets the macOS kernel and leverages a vulnerability in the kalloc.1024 buffer to allocate a controlled buffer with a magic value. The exploit then creates an ipckmsg...

PT-2021-7753 · Linux +8 · Linux Kernel +8

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability was found in the fs/inode.c:inode init owner function logic of the Linux kernel. This issue allows local users to create files for the XFS file-system with unintended...

VulnCheck KEV: CVE-2018-8514

An information disclosure vulnerability exists when Remote Procedure Call runtime improperly initializes objects in memory, aka "Remote Procedure Call runtime Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server...

Reading uninitialized memory can cause UB (`Deserializer::read_vec`)

Deserializer::readvec created an uninitialized buffer and passes it to a user-provided Read implementation Deserializer.reader.readexact. Passing an uninitialized buffer to an arbitrary Read implementation is currently defined as undefined behavior in Rust. Official documentation for the Read tra...

UBUNTU-CVE-2020-35508

A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process...

Linux: Read /etc/inetd.* and /etc/xinetd.* files

xinetd performs the same function as inetd: it starts programs that provide Internet services. Instead of having such servers started at system initialization time, and be dormant until a connection request arrives, xinetd is the only daemon process started and it listens on all service ports for...

Mersive Solstice Pod Security Vulnerability

Mersive Solstice Pod is a software application for conference screen sharing from Mersive USA. A security vulnerability exists in Solstice Pod versions prior to 3.3.0 or Open4.3, which stems from the ability to enumerate administrator passwords using a brute force attack via the configuration...

Odoo 输入验证错误漏洞

Odoo is an open source enterprise management suite , its features cover CRM, sales, purchasing, inventory management , manufacturing , quality management , HR full-featured , financial management , project management , PLM and a series of perfect enterprise information needs . An input validation...

Unspecified Vulnerability in Phoenix Contact mGuard Devices

Phoenix Contact Mguard is a firewall device for industrial environments from Phoenix Contac. The device features multiple protection modes, deep packet inspection, malware and virus detection. A security vulnerability exists in Phoenix Contact mGuard Devices, which stems from the fact that for...

CVE-2020-12523

On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports g...

CVE-2020-12523 Phoenix Contact mGuard Devices versions before 8.8.3: LAN ports get functional after reboot even if they are disabled in the device configuration

On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports g...

CVE-2020-12523

Affected product: Phoenix Contact mGuard Devices (versions before 8.8.3) with LAN ports or an integrated LAN switch. Root cause: On reboot, the device exhibits Missing Initialization of Resource, causing LAN ports that were disabled by configuration to become functional again. In devices with an ...

Phoenix Contact mGuard Devices 安全漏洞

Phoenix Contact Mguard is a firewall device for industrial environments from Phoenix Contac. The device features multiple protection modes, deep packet inspection, malware and virus detection. A security vulnerability exists in Phoenix Contact mGuard Devices, which stems from the fact that for...

libquartz: XXE attacks via job description

The Terracotta Quartz Scheduler is susceptible to an XML external entity attack XXE through a job description. This issue stems from inadequate handling of XML external entity XXE declarations in the initDocumentParser function within xml/XMLSchedulingDataProcessor.java. By enticing a victim to...

Unspecified Vulnerability in Mozilla Firefox for Android (CNVD-2021-00394)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Android Firefox that stems from a lack of service initialization and OneCRL being non-functional in the new Android Firefox. This may result in the inability to enfor...

OPENSUSE-SU-2020:2236-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME bsc1179491. - Initialized dh-nid to NIDundef in DHnewmethod bsc1177673. - Fixed a test failure in apachessl in fips mode bsc1177793. - Renamed BNgetrfc3526prime functions back...

SUSE-SU-2020:3762-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME bsc1179491. - Initialized dh-nid to NIDundef in DHnewmethod bsc1177673. - Fixed a test failure in apachessl in fips mode bsc1177793. - Renamed BNgetrfc3526prime functions back...

PYSEC-2020-297

In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen...