Total
344 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-22657 | 1 Apple | 3 Garageband, Logic Pro X, Macos | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A memory initialization issue was addressed with improved memory handling. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.
|
|||||
| CVE-2022-22186 | 1 Juniper | 2 Ex4650, Junos | 2024-11-21 | 6.4 MEDIUM | 7.2 HIGH |
|
Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices, packets received on the management interface (em0) but not destined to the device, may be improperly forwarded to an egress interface, instead of being discarded. Such traffic being sent by a client may appear genuine, but is non-standard in nature and should be considered as potentially malicious. This issue affects: Juniper Networks Junos OS on EX4650 Series: All versions prior to 19.1R3-S8; 19.2 ve ...
Show More |
|||||
| CVE-2022-22169 | 1 Juniper | 2 Junos, Junos Os Evolved | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
|
An Improper Initialization vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly enter graceful-restart (GR helper mode) even though there is not any Grace-LSA received in OSPFv3 causing a Denial of Service (DoS). Unexpectedly entering GR helper mode might cause the OSPFv3 neighbor adjacency formed on this interface to be stuck in ...
Show More |
|||||
| CVE-2022-22164 | 1 Juniper | 1 Junos Os Evolved | 2024-11-21 | 5.0 MEDIUM | 6.5 MEDIUM |
|
An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit operation for disabling the telnet service to not take effect as expected, resulting in the telnet service staying enabled. When it is not intended to be operating on the device, an administrator can issue the following command to verify whether telnet is operating in the background: user@device > show system connections | grep :23 tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN 20879/xinetd This issue affects: ...
Show More |
|||||
| CVE-2022-20731 | 1 Cisco | 3 Catalyst Digital Building Series Switches, Catalyst Digital Building Series Switches Firmware, Ios Rommon | 2024-11-21 | 7.2 HIGH | 4.6 MEDIUM |
|
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
|
|||||
| CVE-2022-20661 | 1 Cisco | 6 Cdb-8p, Cdb-8u, Cmicr-4pc and 3 more | 2024-11-21 | 4.9 MEDIUM | 4.6 MEDIUM |
|
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
|
|||||
| CVE-2022-0947 | 1 Abb | 48 Arc600a2323na, Arc600a2323na Firmware, Arc600a2324na and 45 more | 2024-11-21 | 6.8 MEDIUM | 9.0 CRITICAL |
|
A vulnerability in ABB ARG600 Wireless Gateway series that could allow an attacker to exploit the vulnerability by remotely connecting to the serial port gateway, and/or protocol converter, depending on the configuration.
|
|||||
| CVE-2021-4218 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A flaw was found in the Linux kernel’s implementation of reading the SVC RDMA counters. Reading the counter sysctl panics the system. This flaw allows a local attacker with local access to cause a denial of service while the system reboots. The issue is specific to CentOS/RHEL.
|
|||||
| CVE-2021-47194 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 7.8 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
If the userspace tools switch from NL80211_IFTYPE_P2P_GO to
NL80211_IFTYPE_ADHOC via send_msg(NL80211_CMD_SET_INTERFACE), it
does not call the cleanup cfg80211_stop_ap(), this leads to the
initialization of in-use data. For example, this path re-init the
sdata->assigned_chanctx_list while it is still an element of
assigned_vifs list, and makes that linked list corrup ...
Show More |
|||||
| CVE-2021-46932 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
Input: appletouch - initialize work before device registration
Syzbot has reported warning in __flush_work(). This warning is caused by
work->func == NULL, which means missing work initialization.
This may happen, since input_dev->close() calls
cancel_work_sync(&dev->work), but dev->work initalization happens _after_
input_register_device() call.
So this patch moves dev->work initialization before registering input
device
|
|||||
| CVE-2021-46320 | 1 Openzeppelin | 1 Openzeppelin | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In OpenZeppelin <=v4.4.0, initializer functions that are invoked separate from contract creation (the most prominent example being minimal proxies) may be reentered if they make an untrusted non-view external call. Once an initializer has finished running it can never be re-executed. However, an exception put in place to support multiple inheritance made reentrancy possible, breaking the expectation that there is a single execution.
|
|||||
| CVE-2021-46283 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace.
|
|||||
| CVE-2021-44169 | 1 Fortinet | 1 Forticlient | 2024-11-21 | 4.6 MEDIUM | 8.2 HIGH |
|
A improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory.
|
|||||
| CVE-2021-41264 | 1 Openzeppelin | 1 Contracts | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
OpenZeppelin Contracts is a library for smart contract development. In affected versions upgradeable contracts using `UUPSUpgradeable` may be vulnerable to an attack affecting uninitialized implementation contracts. A fix is included in version 4.3.2 of `@openzeppelin/contracts` and `@openzeppelin/contracts-upgradeable`. For users unable to upgrade; initialize implementation contracts using `UUPSUpgradeable` by invoking the initializer function (usually called `initialize`). An example is provid ...
Show More |
|||||
| CVE-2021-40025 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The eID module has a vulnerability that causes the memory to be used without being initialized,Successful exploitation of this vulnerability may affect data confidentiality.
|
|||||
| CVE-2021-3565 | 3 Fedoraproject, Redhat, Tpm2-tools Project | 3 Fedora, Enterprise Linux, Tpm2-tools | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
|
A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality.
|
|||||
| CVE-2021-3329 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | N/A | 9.6 CRITICAL |
|
Lack of proper validation in HCI Host stack initialization can cause a crash of the bluetooth stack
|
|||||
| CVE-2021-39636 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel information due to uninitialized data. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-120612905References: Upstream kernel
|
|||||
| CVE-2021-36319 | 1 Dell | 1 Networking Os10 | 2024-11-21 | 2.1 LOW | 3.3 LOW |
|
Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure vulnerability. A low privileged authenticated malicious user can gain access to SNMP authentication failure messages.
|
|||||
| CVE-2021-36006 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
|
Adobe Photoshop versions 21.2.9 (and earlier) and 22.4.2 (and earlier) are affected by an Improper input validation vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2021-35995 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
|
Adobe After Effects version 18.2.1 (and earlier) is affected by an Improper input validation vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2021-34703 | 1 Cisco | 203 1000 Integrated Services Router, 1100-4g\/6g Integrated Services Router, 1100-4p Integrated Services Router and 200 more | 2024-11-21 | 6.8 MEDIUM | 6.8 MEDIUM |
|
A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to improper initialization of a buffer. An attacker could exploit this vulnerability via any of the following methods: An authenticated, remote attacker could access the LLDP neighbor table via either the CLI or SNMP while the device ...
Show More |
|||||
| CVE-2021-34697 | 1 Cisco | 1 Ios Xe | 2024-11-21 | 5.0 MEDIUM | 5.8 MEDIUM |
|
A vulnerability in the Protection Against Distributed Denial of Service Attacks feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct denial of service (DoS) attacks to or through the affected device. This vulnerability is due to incorrect programming of the half-opened connections limit, TCP SYN flood limit, or TCP SYN cookie features when the features are configured in vulnerable releases of Cisco IOS XE Software. An attacker could exploit this vulnerabili ...
Show More |
|||||
| CVE-2021-33638 | 1 Openeuler | 1 Isula | 2024-11-21 | N/A | 8.4 HIGH |
|
When the isula cp command is used to copy files from a container to a host machine and the container is controlled by an attacker, the attacker can escape the container.
|
|||||
| CVE-2021-33637 | 1 Openeuler | 1 Isula | 2024-11-21 | N/A | 8.4 HIGH |
|
When the isula export command is used to export a container to an image and the container is controlled by an attacker, the attacker can escape the container.
|
|||||
| CVE-2021-33636 | 1 Openeuler | 1 Isula | 2024-11-21 | N/A | 8.4 HIGH |
|
When the isula load command is used to load malicious images, attackers can execute arbitrary code.
|
|||||
| CVE-2021-33635 | 1 Openeuler | 1 Isula | 2024-11-21 | N/A | 9.8 CRITICAL |
|
When malicious images are pulled by isula pull, attackers can execute arbitrary code.
|
|||||
| CVE-2021-33634 | 1 Openeuler | 1 Icr | 2024-11-21 | N/A | 6.3 MEDIUM |
|
iSulad uses the lcr+lxc runtime (default) to run malicious images, which can cause DOS.
|
|||||
| CVE-2021-30962 | 1 Apple | 2 Macos, Tvos | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A memory initialization issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.
|
|||||
| CVE-2021-29614 | 1 Google | 1 Tensorflow | 2024-11-21 | 4.6 MEDIUM | 7.1 HIGH |
|
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.io.decode_raw` produces incorrect results and crashes the Python interpreter when combining `fixed_length` and wider datatypes. The implementation of the padded version(https://github.com/tensorflow/tensorflow/blob/1d8903e5b167ed0432077a3db6e462daf781d1fe/tensorflow/core/kernels/decode_padded_raw_op.cc) is buggy due to a confusion about pointer arithmetic rules. First, the code computes(https://githu ...
Show More |
|||||
| CVE-2021-29613 | 1 Google | 1 Tensorflow | 2024-11-21 | 3.6 LOW | 6.3 MEDIUM |
|
TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `tf.raw_ops.CTCLoss` allows an attacker to trigger an OOB read from heap. The fix will be included in TensorFlow 2.5.0. We will also cherrypick these commits on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
|
|||||
| CVE-2021-29611 | 1 Google | 1 Tensorflow | 2024-11-21 | 2.1 LOW | 3.6 LOW |
|
TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `SparseReshape` results in a denial of service based on a `CHECK`-failure. The implementation(https://github.com/tensorflow/tensorflow/blob/e87b51ce05c3eb172065a6ea5f48415854223285/tensorflow/core/kernels/sparse_reshape_op.cc#L40) has no validation that the input arguments specify a valid sparse tensor. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4 ...
Show More |
|||||
| CVE-2021-29610 | 1 Google | 1 Tensorflow | 2024-11-21 | 4.6 MEDIUM | 3.6 LOW |
|
TensorFlow is an end-to-end open source platform for machine learning. The validation in `tf.raw_ops.QuantizeAndDequantizeV2` allows invalid values for `axis` argument:. The validation(https://github.com/tensorflow/tensorflow/blob/eccb7ec454e6617738554a255d77f08e60ee0808/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L74-L77) uses `||` to mix two different conditions. If `axis_ < -1` the condition in `OP_REQUIRES` will still be true, but this value of `axis_` results in heap underflow. Th ...
Show More |
|||||
| CVE-2021-29609 | 1 Google | 1 Tensorflow | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
|
TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `SparseAdd` results in allowing attackers to exploit undefined behavior (dereferencing null pointers) as well as write outside of bounds of heap allocated data. The implementation(https://github.com/tensorflow/tensorflow/blob/656e7673b14acd7835dc778867f84916c6d1cac2/tensorflow/core/kernels/sparse_add_op.cc) has a large set of validation for the two sparse tensor inputs (6 tensors in total), but does n ...
Show More |
|||||
| CVE-2021-28688 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
|
The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. All Linux versions having the fix for XSA-365 applied are vulner ...
Show More |
|||||
| CVE-2021-26326 | 1 Amd | 40 Epyc 7232p, Epyc 7232p Firmware, Epyc 72f3 and 37 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Failure to validate VM_HSAVE_PA during SNP_INIT may result in a loss of memory integrity.
|
|||||
| CVE-2021-26312 | 1 Amd | 114 Epyc 7232p, Epyc 7232p Firmware, Epyc 7251 and 111 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.
|
|||||
| CVE-2021-22283 | 1 Abb | 38 Evd4, Evd4 Firmware, Rec615 and 35 more | 2024-11-21 | N/A | 6.2 MEDIUM |
|
Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Relion protection relays - 615 series IEC 5.0, ABB Relion protection relays - 615 series IEC 5.0 FP1, ABB Relion protection relays - 620 series IEC/CN 2.0, ABB Relion protection relays - 620 series IEC/CN 2.0 FP1, ABB Relion protection relays - REX640 PCL1, ABB Relion protection relays - REX640 PCL2, A ...
Show More |
|||||
| CVE-2021-20613 | 1 Mitsubishielectric | 6 Fx3u-enet, Fx3u-enet-l, Fx3u-enet-l Firmware and 3 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Improper initialization vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.16 and prior, FX3U-ENET-L Firmware version 1.16 and prior and FX3U-ENET-P502 Firmware version 1.16 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in communication function of the product by sending specially crafted packets. Control by MELSEC-F series PLC is not affected by this vulnerability, but system reset is required for recovery.
|
|||||
| CVE-2021-20317 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 4.4 MEDIUM |
|
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.
|
|||||