PYSEC-2022-8

pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path...

CVE-2022-22816

pathgetbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path...

UBUNTU-CVE-2022-22815

pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path...

Pillow 安全漏洞

Pillow is a Python based image processing library. A security vulnerability exists in Pillow before 9.0.0 that stems from pathgetbbox in path.c incorrectly initializing ImagePath...

Pillow 缓冲区错误漏洞

Pillow is a Python-based image processing library. An out-of-bounds read vulnerability exists in versions of Pillow prior to 9.0.0, which stems from a buffer over-read in pathgetbbox in path.c during initialization of ImagePath. An attacker could exploit this vulnerability to read memory-sensitiv...

CVE-2022-22815

pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path...

Missing Initialization of Resource in pnet

An issue was discovered in the pnet crate before 0.27.2 for Rust. There is a segmentation fault upon attempted dereference of an uninitialized descriptor because of an erroneous IcmpTransportChannelIterator compiler optimization...

PT-2022-12364 · Apache · Apache Kylin

Name of the Vulnerable Software and Affected Versions: Apache Kylin versions 2.6.6 and prior Apache Kylin versions 3.1.2 and prior Apache Kylin versions 4.0.0 and prior Description: Apache Kylin provides encryption classes PasswordPlaceholderConfigurer to help users encrypt their passwords. In th...

OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2021-30274

Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and...

Double free

Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

Integer overflow

Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and...

CVE-2021-30274

CVE-2021-30274 concerns an integer overflow in the access initialization interface due to inadequate size and address validation. The issue is described across multiple sources as affecting Qualcomm/ Qualcomm Snapdragon platforms (including Snapdragon Auto, Compute, Connectivity, and related IoT/...

PT-2025-37510

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's DRM subsystem related to the handling of DRM bridges within the meson driver. Specifically, DRM bridges created by meson encoder hdmi init and meson...

PT-2025-53989

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s ath11k module related to the initialization of the qmi msg handler data structure. Specifically, the qmi msg handler requires null termination by the...

PT-2025-8324

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free bug has been identified in the Linux kernel's macsec module. This issue occurs when a new macsec device is created without obtaining a reference to the real device,...

GSD-2021-1002832 ipmi: fix initialization when workqueue allocation fails

ipmi: fix initialization when workqueue allocation fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.12 by commit...

GSD-2021-1002831 ipmi: ssif: initialize ssif_info->client early

ipmi: ssif: initialize ssifinfo-client early This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.12 by commit...

GSD-2021-1002805 ipmi: fix initialization when workqueue allocation fails

ipmi: fix initialization when workqueue allocation fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.89 by commit...

GSD-2021-1002796 ipmi: fix initialization when workqueue allocation fails

ipmi: fix initialization when workqueue allocation fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.169 by commit...