CVE-2022-22815

pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path...

Missing Initialization of Resource in pnet

An issue was discovered in the pnet crate before 0.27.2 for Rust. There is a segmentation fault upon attempted dereference of an uninitialized descriptor because of an erroneous IcmpTransportChannelIterator compiler optimization...

PT-2022-12364 · Apache · Apache Kylin

Name of the Vulnerable Software and Affected Versions: Apache Kylin versions 2.6.6 and prior Apache Kylin versions 3.1.2 and prior Apache Kylin versions 4.0.0 and prior Description: Apache Kylin provides encryption classes PasswordPlaceholderConfigurer to help users encrypt their passwords. In th...

OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2021-30274

Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and...

Double free

Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

Integer overflow

Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and...

CVE-2021-30274

CVE-2021-30274 concerns an integer overflow in the access initialization interface due to inadequate size and address validation. The issue is described across multiple sources as affecting Qualcomm/ Qualcomm Snapdragon platforms (including Snapdragon Auto, Compute, Connectivity, and related IoT/...

PT-2025-53989

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s ath11k module related to the initialization of the qmi msg handler data structure. Specifically, the qmi msg handler requires null termination by the...

PT-2025-37510

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's DRM subsystem related to the handling of DRM bridges within the meson driver. Specifically, DRM bridges created by meson encoder hdmi init and meson...

PT-2025-8324

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free bug has been identified in the Linux kernel's macsec module. This issue occurs when a new macsec device is created without obtaining a reference to the real device,...

GSD-2021-1002832 ipmi: fix initialization when workqueue allocation fails

ipmi: fix initialization when workqueue allocation fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.12 by commit...

GSD-2021-1002831 ipmi: ssif: initialize ssif_info->client early

ipmi: ssif: initialize ssifinfo-client early This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.12 by commit...

GSD-2021-1002805 ipmi: fix initialization when workqueue allocation fails

ipmi: fix initialization when workqueue allocation fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.89 by commit...

GSD-2021-1002796 ipmi: fix initialization when workqueue allocation fails

ipmi: fix initialization when workqueue allocation fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.169 by commit...

GSD-2021-1002795 ipmi: ssif: initialize ssif_info->client early

ipmi: ssif: initialize ssifinfo-client early This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.169 by commit...

GSD-2021-1002787 ipmi: fix initialization when workqueue allocation fails

ipmi: fix initialization when workqueue allocation fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.223 by commit...

PT-2021-8083 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the incorrect initialization of dev-work after calling input register device in the appletouch component of the Linux kernel. This may cause a warning in flush...

Vader TWAP averages wrong

Handle cmichel Vulnerability details The vader price in LiquidityBasedTWAP.getVaderPrice is computed using the pastLiquidityWeights and pastTotalLiquidityWeight return values of the syncVaderPrice. The syncVaderPrice function does not initialize all weights and the total liquidity weight does not...

cloud-init bug fix and enhancement update

The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Bug Fixes and Enhancements: cloud-init.service fails to start after package updat...