68 matches found
ROS-20260529-73-0018
The vulnerability of the sscanf function in the libcurl library, a software tool for interacting with servers via CURL, is related to the use of uninitialized resources. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability. This vulnerability stemmed from an issue with the ANGLE component where uninitialized resources were used, which could allow a remote attacker with access ...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability. This vulnerability stemmed from an issue with the ANGLE component where uninitialized resources were used, which could allow remote attackers to exploit th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fixed the issue of releasing uninitialized resources on an error path. The commit in the fixes section ensured that mlx5vdpafree is the only entrypoint for releasing vdpa device resources added in mlx5vdpadevadd, even...
AMD Chipset 安全漏洞
The AMD Chipset is a series of chips developed by American semiconductor company AMD. The AMD Chipset contains security vulnerabilities; these vulnerabilities stem from the use of uninitialized resources, which may allow attackers to access uninitialized kernel memory, resulting in losses related...
CVE-2026-7141
A vulnerability was found in vllm up to 0.19.0. The affected element is the function hasmambalayers of the file vllm/v1/kvcacheinterface.py of the component KV Block Handler. Performing a manipulation results in uninitialized resource. It is possible to initiate the attack remotely. The attack is...
vLLM 安全漏洞
vLLM is an open-source inference and service engine designed for LLM models, featuring high throughput and efficient memory usage. Versions of vLLM prior to 0.19.0 contained a security vulnerability. This vulnerability stemmed from a function in the KV Block Handler component called...
CVE-2025-12736
CVE-2025-12736 affects the OpenHarmony platform, specifically the multimedia_audio_standard component in v5.0.3 and earlier. The root cause is the use of an uninitialized resource, which can enable a local attacker to obtain a case-sensitive leak of sensitive information. The provided metrics ind...
OpenHarmony 安全漏洞
OpenHarmony is an open-source project for a Harmony operating system developed by the OpenAtom Foundation in China. Versions of OpenHarmony prior to v5.0.3 contain security vulnerabilities. These vulnerabilities stem from the use of uninitialized resources, which may allow local attackers to expo...
CVE-2025-71141 drm/tilcdc: Fix removal actions in case of failed probe
In the Linux kernel, the following vulnerability has been resolved: drm/tilcdc: Fix removal actions in case of failed probe The drmkmshelperpollfini and drmatomichelpershutdown helpers should only be called when the device has been successfully registered. Currently, these functions are called...
Dynamic Root of Trust for Measurement (DRTM) Information Disclosure Vulnerability
Use of uninitialized resource in Dynamic Root of Trust for Measurement DRTM allows an authorized attacker to disclose information locally...
K000158999: Linux kernel vulnerability CVE-2025-38628
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix release of uninitialized resources on error path The commit in the fixes tag made sure that mlx5vdpafree is the single entrypoint for removing the vdpa device resources added in...
Juniper Networks Junos OS SRX 安全漏洞
Juniper Networks Junos OS SRX is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS SRX version 24.4 up to and...
EUVD-2025-25573
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-38628
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix release of uninitialized resources on error path The commit in the fixes tag...
CVE-2025-38628
In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix release of uninitialized resources on error path The commit in the fixes tag made sure that mlx5vdpafree is the single entrypoint for removing the vdpa device resources added in mlx5vdpadevadd, even in the cleanup...
DEBIAN-CVE-2025-38628
In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix release of uninitialized resources on error path The commit in the fixes tag made sure that mlx5vdpafree is the single entrypoint for removing the vdpa device resources added in mlx5vdpadevadd, even in the cleanup...
UBUNTU-CVE-2025-38628
In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix release of uninitialized resources on error path The commit in the fixes tag made sure that mlx5vdpafree is the single entrypoint for removing the vdpa device resources added in mlx5vdpadevadd, even in the cleanup...
CVE-2025-38628
CVE-2025-38628 affects the Linux kernel mlx5 vdpa path. The issue was a resource cleanup bug where cleanup paths could operate on uninitialized resources, triggering a splat when adding a vdpa device without a MAC address. The fixes ensure mlx5_vdpa_free() is the single entrypoint for removing vd...
CVE-2025-38628 vdpa/mlx5: Fix release of uninitialized resources on error path
In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix release of uninitialized resources on error path The commit in the fixes tag made sure that mlx5vdpafree is the single entrypoint for removing the vdpa device resources added in mlx5vdpadevadd, even in the cleanup...