ROS-20251216-7371

A vulnerability in the Extensions component of Google Chrome and Microsoft Edge browsers is related to incorrect resource initialization. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

Insecure Default Initialization of Resource

Overview @modelcontextprotocol/sdk is a Model Context Protocol implementation for TypeScript Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via the StreamableHTTPServerTransport or SSEServerTransport process when enableDnsRebindingProtection is not...

Siemens SIMATIC S7-1500 Missing Initialization of Resource (CVE-2021-22898)

curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPTTELNETOPTIONS in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEWENV variables, libcurl could be made to pass on...

CVE-2025-40177 accel/qaic: Fix bootlog initialization ordering

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix bootlog initialization ordering As soon as we queue MHI buffers to receive the bootlog from the device, we could be receiving data. Therefore all the resources needed to process that data need to be setup prior to...

EUVD-2006-2202

Malware in sbrugna...

EUVD-2025-32386

In the Linux kernel, the following vulnerability has been resolved: drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ If the interrupt occurs before resource initialization is complete, the interrupt handler/worker may access uninitialized data such as the I2C tcpcclient device,...

CVE-2025-39934

In the Linux kernel, the following vulnerability has been resolved: drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ If the interrupt occurs before resource initialization is complete, the interrupt handler/worker may access uninitialized data such as the I2C tcpcclient device,...

CVE-2025-39934

CVE-2025-39934: Linux kernel drm: bridge: anx7625 fixes a NULL pointer dereference when an IRQ fires before resource initialization, potentially accessing uninitialized I2C tcpc_client data. The NVD entry notes a MEDIUM base score (5.5) with LOCAL attack vector and LOW PR, HIGH impact on availabi...

CVE-2025-39934 drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ

In the Linux kernel, the following vulnerability has been resolved: drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ If the interrupt occurs before resource initialization is complete, the interrupt handler/worker may access uninitialized data such as the I2C tcpcclient device,...

EUVD-2025-31069

Malicious code in bioql PyPI...

EUVD-2024-42844

Malicious code in bioql PyPI...

EUVD-2024-15904

Malicious code in bioql PyPI...

EUVD-2025-14536

Malicious code in bioql PyPI...

GHSA-8V65-5FW5-23WJ node-cube vulnerable to prototype pollution

The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...

CVE-2025-57348

The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...

CVE-2025-57348

The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...

CVE-2025-57348

The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...

The vulnerability of the Firewall software for creating containerized systems like Moby allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Moby containerization system’s firewall software relates to improper initialization of resources. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the do_change_type() function in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the dochangetype function in Linux operating systems is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the csum_ipv6_magic() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the csumipv6magic function in the Linux operating system is related to incorrect initialization of the resource. Exploiting this vulnerability can allow an attacker to cause a service failure...