CVE-2023-23300

The Toybox.Cryptography.Cipher.initialize API method in CIQ API version 3.0.0 through 4.1.7 does not validate its parameters, which can result in buffer overflows when copying data. A malicious application could call the API method with specially crafted parameters and hijack the execution of the...

Shortfall.sol#initialize's waitForFirstBidder and nextBidderBlockLimit too short

Lines of code Vulnerability details Impact File: Shortfall.sol 147 waitForFirstBidder = 100; 148 nextBidderBlockLimit = 10; Binance Smart Chain has a block time of around 3 seconds. This could lead to an attacker blocking other bids to bid for the token at a low price. Proof of Concept Tools Used...

kernel: scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFT_ID

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFTID An error case exit from lpfccmplctcmdgftid results in a call to lpfcnlpput with a null pointer to a nodelist structure. Changed lpfccmplctcmdgftid to...

anyone can call initialize() functions which can cause lost of funds and contract ownership

Lines of code Vulnerability details Impact Most of the smart contracts have an initialize function that anyone can call as initialize function visibility is either external or public. This could lead to a race condition when the contract is deployed. At that moment a hacker or attacker could call...

GSD-2023-1002408 btrfs: zlib: zero-initialize zlib workspace

btrfs: zlib: zero-initialize zlib workspace This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.232 by commit...

GSD-2023-1002393 btrfs: zlib: zero-initialize zlib workspace

btrfs: zlib: zero-initialize zlib workspace This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.168 by commit...

GSD-2023-1002340 btrfs: zlib: zero-initialize zlib workspace

btrfs: zlib: zero-initialize zlib workspace This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.12 by commit...

PT-2023-12423 · Unknown · Serenityos

Name of the Vulnerable Software and Affected Versions: SerenityOS affected versions not specified Description: A critical issue has been found in SerenityOS, affecting the function initialize typed array from array buffer in the library Userland/Libraries/LibJS/Runtime/TypedArray.cpp. This issue...

Upgraded Q -> 2 from #664 [1677633674294]

Judge has assessed an item in Issue 664 as 2 risk. The relevant finding follows: 2- Vault fees can be set greater than 1e18 in the initialize function : The Vaut contract implements 4 types of fees deposit, withdrawal, management, performance collected when the user deposits or withdraw tokens,...

Upgraded Q -> 2 from #795 [1677634099280]

Judge has assessed an item in Issue 795 as 2 risk. The relevant finding follows: 04 VALUES OF fees ARE NOT CHECKED IN Vault.initialize FUNCTION When calling the following Vault.initialize function, the values of fees are not checked. It is possible that these fees are set to be above 1e18 when...

SUSE CVE-2010-1748

The cgiinitializestring function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % percent character without two subsequent hex characters, which...

SUSE CVE-2013-6665

Heap-based buffer overflow in the ResourceProvider::InitializeSoftware function in cc/resources/resourceprovider.cc in Google Chrome before 33.0.1750.146 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large texture size that triggers improper...

SUSE CVE-2017-17790

The lazyinitialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernelopen, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input ma...

SUSE CVE-2018-7689

Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service before 2.9.3 allowed authenticated users to modify packages where they do not have write permissions...

SWC-109 Uninitialized Storage Pointer

Lines of code Vulnerability details Impact Uninitialized storage variables can point to unexpected storage locations. Proof of Concept // Exploitable Vulnerability MemoryPointer callData; Tools Used github Recommended Mitigation Steps // Initialize variable "callData" or set the storage attribute...

GSD-2023-1000795 drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe

drm/bridge: it6505: Initialize AUX channel in it6505i2cprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

GSD-2023-1000382 ASoC: SOF: mediatek: initialize panic_info to zero

ASoC: SOF: mediatek: initialize panicinfo to zero This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.19 by commit...

GSD-2023-1000005 igb: Initialize mailbox message for VF reset

igb: Initialize mailbox message for VF reset This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.15 by commit...

Attacker can disable contract functionality

Lines of code Vulnerability details Impact Current setup of the protocol is vulnerable to a DoS attack. This can be achieved by anyone calling initialize on the implementation VRFNFTRandomDraw contract. With the implementation contract initialized the created clones cannot be re-initialized and...

rubygem-cgi -- HTTP response splitting vulnerability

Hiroshi Tokumaru reports: If an application that generates HTTP responses using the cgi gem with untrusted user input, an attacker can exploit it to inject a malicious HTTP response header and/or body. Also, the contents for a CGI::Cookie object were not checked properly. If an application create...