48 matches found
reading on uninitialized buffer can cause UB (`impl<R> BufRead for GreedyAccessReader<R>`)
Affected versions of this crate create an uninitialized buffer and pass it to a user-provided `Read` implementation. This is unsound, because it allows safe Rust code to exhibit undefined behavior by reading from uninitialized memory. The flaw was corrected in version 0.1.1 by zero-initializing a new...
CVE-2019-2221
In hasActivityInVisibleTask of WindowProcessController.java there’s a possible bypass of user interaction requirements due to incorrect handling of top activities in INITIALIZING state. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti...
Flaw in offset_of and span_of causes SIGILL, drops uninitialized memory of arbitrary type on panic in client code
Affected versions of this crate caused traps and/or memory unsafety by zero-initializing references. They also could lead to uninitialized memory being dropped if the field for which the offset is requested was behind a deref coercion, and that deref coercion caused a panic. The flaw was correcte...
LDAP SSL - invalid user account-LdapErr-DSID-0C090FB4-Error-initializing-SSL
ISSUE: User cannot log in after changing LDAP authentication to LDAP SSL authentication. Error message: Invalid user account. Symptom: Checking the network trace shows the following. For TLS: 22283 2017-03-09 16:54:29.344825357 2.2.2.22.2.2.3LDAP 232 extendedResp1 00000000: LdapErr: DSID-0C090FB4, comment:...
Patch Management: Symantec Altiris Computer Info Initialization
Binary data symantecaltirisgetcomputerinfo.nbin...
Mozilla Products Multiple Unspecified Vulnerabilities - Feb12 (MAC OS X 01)
The host is installed with Mozilla Firefox/Thunderbird/SeaMonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmultvulnmacosx01feb12.nasl 6445 2017-06-27 12:31:06Z santu $ Mozilla Products Multiple Unspecified Vulnerabilities - Feb12 MAC OS X 01 Authors:...
Debian Security Advisory DSA 152-1 (l2tpd)
The remote host is missing an update to l2tpd announced via advisory DSA 152-1. OpenVAS Vulnerability Test $Id: deb1521.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 152-1 Authors: Thomas Reinke Copyright: Copyright (c) 2007 E-Soft Inc...
Irokez CMS <= 0.7.1 Multiple Remote File Include Vulnerabilities
Exploit for unknown platform in category web applications ================================================================ Irokez CMS 11: requireonce "$GLOBALS'PTH''func'gallery.func.php"; + - 12: requireonce "$GLOBALS'PTH''classes'gallery.class.php"; + scripts/sitemap.scr.php, lines 13: + - 13:...