CVE-2025-66363

An issue was discovered in LBS in Samsung Mobile Processor Exynos 2200. There was no check for memory initialization within DL NAS Transport messages...

EUVD-2025-208236

An issue was discovered in LBS in Samsung Mobile Processor Exynos 2200. There was no check for memory initialization within DL NAS Transport messages...

CVE-2025-66363

CVE-2025-66363 affects the Samsung Mobile Processor Exynos 2200, specifically the LBS component. The issue is that there was no check for memory initialization within DL NAS Transport messages, representing a failure in validating memory initialization in that path. The available connected docume...

CVE-2026-0029

In pkvminitvm of pkvm.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0029

CVE-2026-0029 involves memory corruption in __pkvm_init_vm (pkvm.c) of the kernel, caused by a logic error, enabling local privilege escalation with no user interaction required. The initial description provides no exploitation details, no patch/version info, and no remediation steps. Connected d...

CVE-2026-0029

In pkvminitvm of pkvm.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function

A flaw was found in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function that handles PKCS11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the applicatio...

gnutls security update

3.8.10-3 - Fix CVE-2025-9820, CVE-2025-14831, drop unused patches - Fix PKCS11 token initialization label overflow CVE-2025-9820 - Fix name constraint processing performance issue CVE-2025-14831 - Drop unused patches...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005465)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005465 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when devlink reload during pf initialization The devlink reload proce...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005553)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005553 advisory. In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member uzonesize of struct...

Exploit for Improper Initialization in Linux Linux_Kernel

megaquagga-pentest-re...

Security update for gimp

This update for gimp fixes the following issues: CVE-2026-2044: lack of proper initialization of memory can allow remote attackers to execute arbitrary code bsc1258532. CVE-2026-2045: check offset in the colormap is valid before using it bsc1258533. CVE-2026-2048: lack of proper validation of...

SUSE-SU-2026:0684-1 Security update for gimp

This update for gimp fixes the following issues: - CVE-2026-2044: lack of proper initialization of memory can allow remote attackers to execute arbitrary code bsc1258532. - CVE-2026-2045: check offset in the colormap is valid before using it bsc1258533. - CVE-2026-2048: lack of proper validation ...

BIT-PYTORCH-2025-2149 PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization

A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnqSigmoid of the component Quantized Sigmoid Module. The manipulation of the argument scale/zeropoint leads to improper initialization. The attack needs to be approached...

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

CVE-2026-2044

GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...

CVE-2026-25998

strongMan is a management interface for strongSwan, an OpenSource IPsec-based VPN. When storing credentials in the database private keys, EAP secrets, strongMan encrypts the corresponding database fields. So far it used AES in CTR mode with a global database key. Together with an initialization...

CVE-2026-26958

A flaw was found in filippo.io/edwards25519, a Go library used for cryptographic operations. This vulnerability occurs in the MultiScalarMult function when it processes points that are not properly initialized or are not the identity point. Such conditions can lead to incorrect cryptographic...

GIMP 安全漏洞

GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a security vulnerability that stems from improper memory initialization during the parsing of PGM files, which may lead to remote code execution...

CVE-2026-25998

strongMan (the management interface for strongSwan) is vulnerable in versions prior to 0.2.0 due to improper encryption of stored credentials in the database. The software used AES-CTR with a global database key and a single IV for all fields, enabling an attacker with database access to recover ...