Unsafe OpenSSL Initialization Vulnerability Within AMD Manageability Software

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-62628| Unsafe OpenSSL initialization within some AMD optional tools may allow a local user-privileged attacker to inject a malicious DLL, potentially resulting in arbitrary code execution....

CVE-2026-24148

NVIDIA Jetson for JetPack contains a vulnerability in the system initialization logic, where an unprivileged attacker could cause the initialization of a resource with an insecure default. A successful exploit of this vulnerability might lead to information disclosure of encrypted data, data...

CVE-2026-33038

WWBN AVideo is an open source video platform. Versions 25.0 and below are vulnerable to unauthenticated application takeover through the install/checkConfiguration.php endpoint. install/checkConfiguration.php performs full application initialization: database setup, admin account creation, and...

kernel: pstore/ram: Check start of empty przs during init

An out of bounds array vulnerability exists in the linux kernel, such that a missing check on the start field of a PRZ persistent ram zone during initialization leads to damage to the availability and integrity of the system...

EUVD-2017-7252

Malware in sbrugna...

EUVD-2015-7976

Malware in sbrugna...

EUVD-2021-2853

Malicious code in bioql PyPI...

EUVD-2022-27316

Malicious code in bioql PyPI...

EUVD-2021-9429

Malicious code in bioql PyPI...

EUVD-2022-29214

Malicious code in bioql PyPI...

EUVD-2022-3338

Malicious code in bioql PyPI...

EUVD-2025-10434

Malicious code in bioql PyPI...

llama.cpp 安全漏洞

llama.cpp is a multimodal model by the individual developer Georgi Gerganov. A security vulnerability exists in llama.cpp, which stems from an integer overflow in the ggufinitfromfileimpl function, which could lead to a heap out-of-bounds read or write...

CVE-2021-32742

Vapor is a web framework for Swift. In versions 4.47.1 and prior, bug in the Data.initbase32Encoded: function opens up the potential for exposing server memory and/or crashing the server Denial of Service for applications where untrusted data can end up in said function. Vapor does not currently...

ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution

Exploit Title: ABB Cylon Aspect 3.08.02 deployStart.php Unauthenticated Command Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.02 Summary: ASPECT is an award-winning scalable...

CVE-2025-21842 amdkfd: properly free gang_ctx_bo when failed to init user queue

In the Linux kernel, the following vulnerability has been resolved: amdkfd: properly free gangctxbo when failed to init user queue The destructor of a gtt bo is declared as void amdgpuamdkfdfreegttmemstruct amdgpudevice adev, void memobj; Which takes void as the second parameter. GCC allows passi...

CVE-2024-12289 Boundary Controller Incorrectly Handles HTTP Requests On Initialization Which May Lead to a Denial of Service

Boundary Community Edition and Boundary Enterprise “Boundary” incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary...

CVE-2024-31070

Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly...

The vulnerability of the NVIDIA GPU Display Driver software driver allows a hacker to execute arbitrary code and disclose protected information.

The vulnerability of the NVIDIA GPU Display Driver software driver is related to initialization errors. Exploiting this vulnerability allows an attacker to cause system failures and disclose sensitive information...

eap-galleon: custom provisioning creates unsecured http-invoker

An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server...