CVE-2026-36611

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 returns 128 bytes of uninitialized buffer when receiving POST requests without SOAPAction header on UPnP port 1900, exposing internal memory to unauthenticated adjacent network attackers...

CVE-2026-34459

Sandboxie-Plus (Windows) vulnerability in SbieSvc GetRawInputDeviceInfoSlave (v1.17.2 and earlier) allows sandbox escape via two chained flaws: (1) when cbSize=0, up to 32KB of uninitialized kernel/user stack memory is returned, leaking addresses/stack cookies and bypassing ASLR and /GS; (2) an a...

JLSEC-2026-277 Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key...

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process whi...

SUSE CVE-2026-31790

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process whi...

CVE-2026-31790

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process whi...

CVE-2017-18675

An issue was discovered on Samsung mobile devices with M6.0 and N7.x Exynos7420 or Exynox8890 chipsets software. The Camera application can leak uninitialized memory via ion. The Samsung ID is SVE-2016-6989 April 2017...

EUVD-2024-50581

Malicious code in bioql PyPI...

Security update for gdk-pixbuf

This update for gdk-pixbuf fixes the following issues: CVE-2025-7345: Uninitialized memory could lead to leak arbitrary memory contents bsc1246114. CVE-2025-6199: Heap buffer overflow within the gdkpixbufjpegimageloadincrement function bsc1245227. Patch Instructions: To install this SUSE update u...

SUSE-SU-2025:02954-1 Security update for gdk-pixbuf

This update for gdk-pixbuf fixes the following issues: - CVE-2025-6199: Fixed uninitialized memory leading to arbitrary memory contents leak bsc1245227 - CVE-2025-7345: Fixed heap buffer overflow within the gdkpixbufjpegimageloadincrement function bsc1246114...

Linux Distros Unpatched Vulnerability : CVE-2024-26697

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: fix data corruption in dsync block recovery for small block sizes The helper function nilfsrecoverycopyblock of nilfsrecoverydsyncblocks, which recovers...

FreeBSD-SA-25:04.ktrace

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-25:04.ktrace Security Advisory The FreeBSD Project Topic: Uninitialized kernel memory disclosure via ktrace2 Category: core Module: ktrace Announced: 2025-01-29...

CLSA-2025-1737569495 Fix CVE(s): CVE-2024-12085

SECURITY UPDATE: possible information leak via checksum comparison - debian/patches/CVE-2024-12085.patch: fix issue with checksum length manipulation leading to uninitialized memory leak - CVE-2024-12085...

CVE-2024-12085

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...

CVE-2024-12085

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...

CVE-2024-12085

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time. Mitigation Seei...

SUSE CVE-2019-19947

In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaserusb/kvaserusbleaf.c driver, aka CID-da2311a6385c...

CVE-2022-2308

A flaw was found in vDPA with VDUSE backend. There are currently no checks in VDUSE kernel driver to ensure the size of the device config space is in line with the features advertised by the VDUSE userspace application. In case of a mismatch, Virtio drivers config read helpers do not initialize t...

Unspecified Vulnerability in QEMU

QEMU is a set of simulation processors written by Fabrice Bellard and distributed with source code under the GPL license, widely used on the GNU/Linux platform. A security vulnerability exists in QEMU's slirp, which stems from the fact that the bootpinput function in src/bootp.c uses memory outsi...

PT-2021-7991 · Libslirp +9 · Libslirp +9

Name of the Vulnerable Software and Affected Versions: libslirp versions prior to 4.6.0 Description: The issue is related to an invalid pointer initialization in the SLiRP networking implementation, specifically in the bootp input function. This could occur when processing a UDP packet smaller th...

QEMU Information Disclosure Vulnerability (CNVD-2021-39040)

QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. QEMU suffers from an information disclosure vulnerability. The vulnerability stems from an uninitialized memory leak in the virglcmdgetcapsetin...