Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003049)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003049 advisory. Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the...

Autodesk AutoCAD DGN File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DG...

DEBIAN-CVE-2024-7540

oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

PT-2024-12387 · Qualcomm · Snapdragon +42

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a Transient Denial of Service DOS in the Core when a DDR memory check is called while the DDR is not initialized. This suggests ...

OESA-2024-1106 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service panic because inputsetcapability mishandles the situation in which an event code falls outside of a...

PT-2023-28255 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. User interaction is required, where the target must visit a malicious page or open...

SUSE CVE-2005-0400

The ext2makeempty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block...

SUSE CVE-2010-4158

The skrunfilter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a 1 BPFSLDMEM or 2 BPFSLDXMEM instruction, which allows local users to obtain potentially sensitive information from kernel stac...

SUSE CVE-2014-7940

The collator implementation in i18n/ucol.cpp in International Components for Unicode ICU 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have...

SUSE CVE-2015-1228

The RenderCounter::updateCounter function in core/rendering/RenderCounter.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not force a relayout operation and consequently does not initialize memory for a data structure, which allows remote attackers to cause a denial of service...

SUSE CVE-2016-2790

The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown othe...

CVE-2021-46566

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2021-31417

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4-47270. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

CVE-2016-4639

Login Window in Apple OS X before 10.11.6 does not properly initialize memory, which allows local users to cause a denial of service via unspecified vectors...

graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)

The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown othe...

UBUNTU-CVE-2013-4075

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...