The vulnerability of software products for conducting Zoom Workplace video conferences on the Windows operating system, related to insecure resource initialization, allows a perpetrator to influence the integrity of protected information.

The vulnerability of software products for conducting Zoom Workplace video conferences on the Windows operating system is related to an insecure initialization of resources. Exploiting this vulnerability could allow an attacker to influence the integrity of protected information...

PT-2025-27707 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the iwlwifi module. The issue occurs when there is an error during initialization, causing the system to retry...

CVE-2025-21485

Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a potential memory corruption when processing INIT and multi-mode calls to IOCTL on FastRPC...

libvpx: Double-free in libvpx encoder

A flaw was found in libvpx. A double-free issue can occur in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This can cause memory corruption and an exploitable crash...

The vulnerability of the `init_ISA_irqs()` and `make_8259A_irq()` functions in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the initISAirqs and make8259Airq functions in the Linux operating system is related to the swapping of pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...

GHSA-V75G-77VF-6JJQ Para Server Logs Sensitive Information

CWE ID: CWE-532 Insertion of Sensitive Information into Log File CVSS: 7.5 High Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Component: Para Server Initialization Logging Version: Para v1.50.6 File Path:...

SUSE CVE-2025-37993

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanclassallocatedev: initialize spin lock on device probe The spin lock txhandlingspinlock in struct mcanclassdev is not being initialized. This leads the following spinlock bad magic complaint from the kernel, eg. wh...

PT-2025-29028 · Intel +1 · Intel Audio Subsystem +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue in the Advanced SoC ASoC Intel audio subsystem where a null pointer dereference could occur during hardware initialization. The avs dai find path...

When GPT Spills the Tea: Comprehensive Assessment of Knowledge File Leakage in GPTs

Knowledge files have been widely used in large language model LLM agents, such as GPTs, to improve response quality. However, concerns about the potential leakage of knowledge files have grown significantly. Existing studies demonstrate that adversarial prompts can induce GPTs to leak knowledge...

CVE-2025-37993

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanclassallocatedev: initialize spin lock on device probe The spin lock txhandlingspinlock in struct mcanclassdev is not being initialized. This leads the following spinlock bad magic complaint from the kernel, eg. wh...

CVE-2025-37993 can: m_can: m_can_class_allocate_dev(): initialize spin lock on device probe

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanclassallocatedev: initialize spin lock on device probe The spin lock txhandlingspinlock in struct mcanclassdev is not being initialized. This leads the following spinlock bad magic complaint from the kernel, eg. wh...

libvpx: Double-free in libvpx encoder

A flaw was found in libvpx. A double-free issue can occur in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This can cause memory corruption and an exploitable crash...

libvpx: Double-free in libvpx encoder

A flaw was found in libvpx. A double-free issue can occur in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This can cause memory corruption and an exploitable crash...

PT-2025-23152 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-rc3 Description: A vulnerability in the Linux kernel has been resolved, related to the initialization of a spin lock in the m can classdev struct. The issue occurs when trying to send CAN frames, resultin...

The vulnerability of the overflow_allocation_test() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the overflowallocationtest function in the Linux operating system is related to improper initialization of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the `evaluate` function in the BusyBox command-line utility set allows a hacker to cause a service failure.

The vulnerability of the evaluate function in the BusyBox command-line utilities is related to an incorrect use after its initialization. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability in the module drivers/gpu/drm/v3d/v3d_submit.c of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the drivers/gpu/drm/v3d/v3dsubmit.c kernel module of the Linux operating system is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to cause service failures...

CVE-2024-47945

The devices are vulnerable to session hijacking due to insufficient entropy in its session ID generation algorithm. The session IDs are predictable, with only 32,768 possible values per user, which allows attackers to pre-generate valid session IDs, leading to unauthorized access to user sessions...

CVE-2024-3860

An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox 125...