SUSE CVE-2025-71272

In the Linux kernel, the following vulnerability has been resolved: most: core: fix resource leak in mostregisterinterface error paths The function mostregisterinterface did not correctly release resources if it failed early before registering the device. In these cases, it returned an error code...

SUSE CVE-2026-43344

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix die ID init and look up bugs In snbeppci2phymapinit, in the nrnodeids 8 path, uncoredevicetodie may return -1 when all CPUs associated with the UBOX device are offline. Remove the WARNONONCEdieid == -1...

SUSE CVE-2026-43351

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Eagerly init vgic dist/redist on vgic creation If vgicallocateprivateirqslocked fails for any odd reason, we exit kvmvgiccreate early, leaving dist-rdregions uninitialised. kvmvgicdistdestroy then comes along and walk...

webkitgtk: Processing maliciously crafted web content may disclose internal states of the app

A flaw was found in WebKitGTK. Processing malicious web content can cause a memory initialization issue due to improper memory handling and result in the disclosure of the internal states of the application...

CVE-2025-29338

NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the modpara parameter in the woalinitmoduleparam function...

EUVD-2026-29494

Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...

CVE-2026-30805

Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...

CVE-2026-6866

CWE-1188 Initialization of a Resource with an Insecure Default vulnerability exists that could cause unauthorized disclosure of sensitive information when credentials revert to initial settings in rare circumstances, enabling unauthorized authentication using known credentials...

CVE-2026-30805

CVE-2026-30805 affects Pandora FMS versions 777–800 and is described as an insecure default initialization of a resource that allows authentication bypass via API access. The available connected documents provide the vulnerability description but do not include explicit technical details beyond t...

CVE-2026-30805 Insecure Default Initialization in API Authentication leads to Authentication Bypass

Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...

CVE-2026-30805 Insecure Default Initialization in API Authentication leads to Authentication Bypass

Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...

CVE-2026-6866

CVE-2026-6866 affects EcoStruxure Panel Server and describes a CWE-1188 vulnerability where initialization of a resource with an insecure default could enable unauthorized authentication when credentials revert to initial settings. The threat scenario implies potential unauthorized disclosure of ...

SUSE CVE-2026-43288

In the Linux kernel, the following vulnerability has been resolved: ext4: move ext4percpuparaminit before ext4mbinit When running kvm-xfstests -c ext4/1k -C 1 generic/383 with the DOUBLECHECK macro defined, the following panic is triggered:...

PT-2026-40037

CWE-1188 Initialization of a Resource with an Insecure Default vulnerability exists that could cause unauthorized disclosure of sensitive information when credentials revert to initial settings in rare circumstances, enabling unauthorized authentication using known credentials...

Unsafe OpenSSL Initialization Vulnerability Within AMD Manageability Software

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-62628| Unsafe OpenSSL initialization within some AMD optional tools may allow a local user-privileged attacker to inject a malicious DLL, potentially resulting in arbitrary code execution....

Intel Xeon Scalable Processors 安全漏洞

Intel Xeon Scalable Processors are scalable server central processing units CPUs developed by the American company Intel. There are security vulnerabilities in Intel Xeon Scalable Processors, which stem from improper initialization and may lead to information leakage...

PT-2026-40049

Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...

SUSE CVE-2026-43395

In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Cleanup partially initialized sync on parse failure xesyncentryparse can allocate references syncobj, fence, chain fence, or user fence before hitting a later failure path. Several of those paths returned directly,...

CLSA-2026-1778493745 opensc: Fix of 5 CVEs

CVE-2024-45615: initialize uninitialized variables passed as arguments - CVE-2024-45616: fix insufficient control of APDU response buffer length - CVE-2024-45617: check return values to avoid uninitialized variable use - CVE-2024-45618: check return values in pkcs15-init to avoid uninitialized...

Unity Linux 20.1070e Security Update: openvpn (UTSA-2026-017760)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017760 advisory. An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 PDATAV2 packet using a victim's peer-id. Normally such packets are...