9098 matches found
SUSE CVE-2025-37993
In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanclassallocatedev: initialize spin lock on device probe The spin lock txhandlingspinlock in struct mcanclassdev is not being initialized. This leads the following spinlock bad magic complaint from the kernel, eg. wh...
PT-2025-29028 · Intel +1 · Intel Audio Subsystem +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue in the Advanced SoC ASoC Intel audio subsystem where a null pointer dereference could occur during hardware initialization. The avs dai find path...
When GPT Spills the Tea: Comprehensive Assessment of Knowledge File Leakage in GPTs
Knowledge files have been widely used in large language model LLM agents, such as GPTs, to improve response quality. However, concerns about the potential leakage of knowledge files have grown significantly. Existing studies demonstrate that adversarial prompts can induce GPTs to leak knowledge...
CVE-2025-37993
In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanclassallocatedev: initialize spin lock on device probe The spin lock txhandlingspinlock in struct mcanclassdev is not being initialized. This leads the following spinlock bad magic complaint from the kernel, eg. wh...
CVE-2025-37993 can: m_can: m_can_class_allocate_dev(): initialize spin lock on device probe
In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanclassallocatedev: initialize spin lock on device probe The spin lock txhandlingspinlock in struct mcanclassdev is not being initialized. This leads the following spinlock bad magic complaint from the kernel, eg. wh...
libvpx: Double-free in libvpx encoder
A flaw was found in libvpx. A double-free issue can occur in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This can cause memory corruption and an exploitable crash...
libvpx: Double-free in libvpx encoder
A flaw was found in libvpx. A double-free issue can occur in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This can cause memory corruption and an exploitable crash...
PT-2025-23152 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-rc3 Description: A vulnerability in the Linux kernel has been resolved, related to the initialization of a spin lock in the m can classdev struct. The issue occurs when trying to send CAN frames, resultin...
The vulnerability in the module drivers/gpu/drm/v3d/v3d_submit.c of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the drivers/gpu/drm/v3d/v3dsubmit.c kernel module of the Linux operating system is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the overflow_allocation_test() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the overflowallocationtest function in the Linux operating system is related to improper initialization of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the `evaluate` function in the BusyBox command-line utility set allows a hacker to cause a service failure.
The vulnerability of the evaluate function in the BusyBox command-line utilities is related to an incorrect use after its initialization. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
CVE-2024-47945
The devices are vulnerable to session hijacking due to insufficient entropy in its session ID generation algorithm. The session IDs are predictable, with only 32,768 possible values per user, which allows attackers to pre-generate valid session IDs, leading to unauthorized access to user sessions...
CVE-2024-3860
An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox 125...
CVE-2024-12289
Boundary Community Edition and Boundary Enterprise “Boundary” incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary...
CVE-2024-0103
NVIDIA Triton Inference Server for Linux contains a vulnerability where a user may cause an incorrect Initialization of resource by network issue. A successful exploit of this vulnerability may lead to information disclosure...
CVE-2024-32918
Permission Bypass allowing attackers to disable HDCP 2.2 encryption by not completing the HDCP Key Exchange initialization steps...
CVE-2024-44154
A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7. Processing a maliciously crafted file may lead to unexpected app termination...
CVE-2024-22473
TRNG is used before initialization by ECDSA signing driver when exiting EM2/EM3 on Virtual Secure Vault VSE devices. This defect may allow Signature Spoofing by Key Recreation.This issue affects Gecko SDK through v4.4.0...
CVE-2024-53845
ESPTouch is a connection protocol for internet of things devices. In the ESPTouchV2 protocol, while there is an option to use a custom AES key, there is no option to set the IV Initialization Vector prior to versions 5.3.2, 5.2.4, 5.1.6, and 5.0.8. The IV is set to zero and remains constant...
CVE-2023-26243
An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The decryption binary used to decrypt firmware files has an information leak that allows an attacker to read the AES key and initialization vector from memory. An attacker may exploit this to...