63 matches found
Unsafe OpenSSL Initialization Vulnerability Within AMD Manageability Software
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-62628| Unsafe OpenSSL initialization within some AMD optional tools may allow a local user-privileged attacker to inject a malicious DLL, potentially resulting in arbitrary code execution....
CVE-2026-24148
NVIDIA Jetson for JetPack contains a vulnerability in the system initialization logic, where an unprivileged attacker could cause the initialization of a resource with an insecure default. A successful exploit of this vulnerability might lead to information disclosure of encrypted data, data...
CVE-2026-33038
WWBN AVideo is an open source video platform. Versions 25.0 and below are vulnerable to unauthenticated application takeover through the install/checkConfiguration.php endpoint. install/checkConfiguration.php performs full application initialization: database setup, admin account creation, and...
kernel: pstore/ram: Check start of empty przs during init
An out of bounds array vulnerability exists in the linux kernel, such that a missing check on the start field of a PRZ persistent ram zone during initialization leads to damage to the availability and integrity of the system...
EUVD-2015-7976
Malware in sbrugna...
EUVD-2017-7252
Malware in sbrugna...
EUVD-2021-2853
Malicious code in bioql PyPI...
EUVD-2021-9429
Malicious code in bioql PyPI...
EUVD-2022-29214
Malicious code in bioql PyPI...
EUVD-2022-27316
Malicious code in bioql PyPI...
EUVD-2025-10434
Malicious code in bioql PyPI...
EUVD-2022-3338
Malicious code in bioql PyPI...
llama.cpp 安全漏洞
llama.cpp is a multimodal model by the individual developer Georgi Gerganov. A security vulnerability exists in llama.cpp, which stems from an integer overflow in the ggufinitfromfileimpl function, which could lead to a heap out-of-bounds read or write...
CVE-2021-32742
Vapor is a web framework for Swift. In versions 4.47.1 and prior, bug in the Data.initbase32Encoded: function opens up the potential for exposing server memory and/or crashing the server Denial of Service for applications where untrusted data can end up in said function. Vapor does not currently...
ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution
Exploit Title: ABB Cylon Aspect 3.08.02 deployStart.php Unauthenticated Command Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.02 Summary: ASPECT is an award-winning scalable...
CVE-2025-21842 amdkfd: properly free gang_ctx_bo when failed to init user queue
In the Linux kernel, the following vulnerability has been resolved: amdkfd: properly free gangctxbo when failed to init user queue The destructor of a gtt bo is declared as void amdgpuamdkfdfreegttmemstruct amdgpudevice adev, void memobj; Which takes void as the second parameter. GCC allows passi...
CVE-2024-12289 Boundary Controller Incorrectly Handles HTTP Requests On Initialization Which May Lead to a Denial of Service
Boundary Community Edition and Boundary Enterprise “Boundary” incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary...
CVE-2024-31070
Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly...
eap-galleon: custom provisioning creates unsecured http-invoker
An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server...
CVE-2024-26638 nbd: always initialize struct msghdr completely
In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg-msggetinq value can be uninitialized 1 struct msghdr got many new fields recently, we should always make sure their values is zero by default. 1 BUG: KMSAN...