CWE:
 

Nic nie znaleziono w bazie WLB2


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2022-09-15
Waiting for details
CVE-2022-2472

Updating...
 

 
Improper Initialization vulnerability in the local server component of EZVIZ CS-C6N-A0-1C2WFR allows a local attacker to read the contents of the memory space containing the encrypted admin password. This issue affects: EZVIZ CS-C6N-A0-1C2WFR versions prior to 5.3.0 build 220428.

 
2022-09-06
Waiting for details
CVE-2022-36061

Updating...
 

 
Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.35, read only calls between contracts can generate smart contracts results. For example, if contract A calls in read only mode contract B and the called function will make changes upon the contract's B state, the state will be altered for contract B as if the call was not made in the read-only mode. This can lead to some effects not designed by the original smart contracts programmers. This issue was patched in version 1.3.35. There are no known workarounds.

 
2022-06-02
Medium
CVE-2022-29695

Vendor: Unicorn-engine
Software: Unicorn engine
 

 
Unicorn Engine v2.0.0-rc7 contains memory leaks caused by an incomplete unicorn engine initialization.

 
2022-05-10
Medium
CVE-2021-26353

Updating...
 

 
Due to a mishandled error, it is possible to leave the DRTM UApp in a partially initialized state, which can result in unchecked memory writes when the UApp handles subsequent mailbox commands.

 
Medium
CVE-2022-0947

Updating...
 

 
A vulnerability in ABB ARG600 Wireless Gateway series that could allow an attacker to exploit the vulnerability by remotely connecting to the serial port gateway, and/or protocol converter, depending on the configuration.

 
2022-04-14
Medium
CVE-2022-22186

Updating...
 

 
Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices, packets received on the management interface (em0) but not destined to the device, may be improperly forwarded to an egress interface, instead of being discarded. Such traffic being sent by a client may appear genuine, but is non-standard in nature and should be considered as potentially malicious. This issue affects: Juniper Networks Junos OS on EX4650 Series: All versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R3-S5; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R1.

 
2022-04-06
Medium
CVE-2021-44169

Vendor: Fortinet
Software: Forticlient
 

 
A improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory.

 
2022-03-18
Medium
CVE-2022-22657

Vendor: Apple
Software: Garageband
 

 
A memory initialization issue was addressed with improved memory handling. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.

 
2022-03-14
Medium
CVE-2022-22719

Vendor: Apache
Software: Http server
 

 
A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.

 
2022-03-10
Medium
CVE-2022-0847

Vendor: Linux
Software: Linux kernel
 

 
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.

 

 


Copyright 2022, cxsecurity.com

 

Back to Top