CVE-2025-46632
Initialization vector (IV) reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or more easily decrypt encrypted messages between client and server...
PT-2025-18434
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the version containing the fix for the double free issue in cpumf_pmu_event_init. Description: A double free issue was found in the Linux kernel's PMU event initialization functions, specifically in cpumf pmu event...
PT-2025-18647 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A NULL pointer problem in the free_mr_init function has been resolved. The issue occurs in a concurrent scenario, resulting in a NULL pointer dereference at virtual address...
PT-2025-18706 · Tenda · Tenda Rx2 Pro
Name of the Vulnerable Software and Affected Versions: Tenda RX2 Pro version 16.03.30.14. Description: The issue concerns the reuse of the initialization vector (IV) in the web management portal, which may allow an attacker to discern information or more easily decrypt encrypted messages between the...
CVE-2025-46632
CVE-2025-46632 affects Tenda RX2 Pro (firmware 16.03.30.14). The issue is IV reuse in the web management portal, enabling an attacker to discern information about, or more easily decrypt, messages between client and server. The exploitation details are not provided in the documents, but the CVSS ...
PT-2025-18562
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue in the Linux kernel has been resolved, specifically in the j1939 module. The problem was related to the lack of initialization of the CAN header. The read access to canxl...
Medium: qt
Issue Overview: In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled (CVE-2023-32573). Affected Packages: qt. Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ secti...
ROS-20250430-05
A vulnerability in the Erlang/OTP library set is related to improper handling of SFTP packets. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability of the SSH protocol implementation from the Erlang/OTP library...
The vulnerability of the `ocfs2_global_read_info()` function in the `/fs/ocfs2/quota_local.c` module of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the `ocfs2_global_read_info()` function in the `/fs/ocfs2/quota_local.c` module of the Linux kernel is related to incorrect resource initialization. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the protected...
Insecure Default Initialization of Resource
Overview Affected versions of this package are vulnerable to Insecure Default Initialization of Resource due to the misconfiguration of the ReadOnlyPort setting. An attacker can gain unauthorized access to exposed credentials by connecting to the open port without authentication. Remediation...
The vulnerability of the integrated development environment for software, JetBrains RubyMine, arises from insecure resource initialization, allowing attackers to exploit it to disclose protected information.
The vulnerability of the integrated development environment for software, JetBrains RubyMine, is related to the insecure initialization of resources. Exploiting this vulnerability can allow a malicious actor to disclose protected information...
SUSE CVE-2025-22110
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: Initialize ctx to avoid memory allocation error. It is possible that ctx in nfqnl_build_packet_message() could be used before it is properly initialized, which is only initialized by nfqnl_get_sk_secctx(). This pat...
SUSE CVE-2025-22119
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: init wiphy_work before allocating rfkill fails. syzbot reported an uninitialized wiphy_work_lock in cfg80211_dev_free. [1] After rfkill allocation fails, the wiphy release process will be performed, which will cause...
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena, related to errors during initialization of variables, allows a perpetrator to execute arbitrary code.
The vulnerability of the software for discrete event simulation and automation in Rockwell Automation Arena is related to errors during initialization of variables. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created DOE file...
The vulnerability of the hclge_ptp_get_cycle() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the hclge_ptp_get_cycle() function in the Linux operating system is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2025-39728 clk: samsung: Fix UBSAN panic in samsung_clk_init()
In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in samsung_clk_init(). With UBSAN_ARRAY_BOUNDS=y, I'm hitting the below panic due to dereferencing ctx->clk_data.hws before setting ctx->clk_data.num = nr_clks. Move that up to fix the crash. UBSAN: array index...
SUSE CVE-2024-58096
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode. ath11k_hal_srng_* should be used with srng->lock to protect srng data. For ath11k_dp_rx_mon_dest_process() and ath11k_dp_full_mon_process_rx(), they use ath11k_hal_srng_* for many times but...