CVE-2025-13499

CVE-2025-13499 affects Wireshark and is described in multiple advisories as a Kafka dissector crash leading to denial of service. The root cause is an access of an uninitialized pointer in the Kafka dissector. Public references across Debian, Fedora, and other feeds indicate this vulnerability is...

CVE-2025-13499 Access of Uninitialized Pointer in Wireshark

Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service...

CVE-2025-13499 Access of Uninitialized Pointer in Wireshark

Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service...

Siemens SCALANCE and RUGGEDCOM Devices Access of Uninitialized Pointer (CVE-2024-57874)

arm64: ptrace: vulnerability due to an uninitialized variable in the taggedaddrctrlset function, leading to potential memory leakage from the kernel stack when a zero-length SETREGSET call is made, exposing up to 64 bits of memory. This plugin only works with Tenable.ot. Please visit...

CVE-2025-40155

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: debugfs: Fix legacy mode page table dump logic In legacy mode, SSPTPTR is ignored if TT is not 00b or 01b. SSPTPTR maybe uninitialized or zero in that case and may cause oops like: Oops: general protection fault,...

CVE-2025-40155 iommu/vt-d: debugfs: Fix legacy mode page table dump logic

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: debugfs: Fix legacy mode page table dump logic In legacy mode, SSPTPTR is ignored if TT is not 00b or 01b. SSPTPTR maybe uninitialized or zero in that case and may cause oops like: Oops: general protection fault,...

CVE-2025-40127 hwrng: ks-sa - fix division by zero in ks_sa_rng_init

In the Linux kernel, the following vulnerability has been resolved: hwrng: ks-sa - fix division by zero in kssarnginit Fix division by zero in kssarnginit caused by missing clock pointer initialization. The clkgetrate call is performed on an uninitialized clk pointer, resulting in division by zer...

kernel: usbnet: fix memory leak in error case

In the Linux kernel, the following vulnerability has been resolved: usbnet: fix memory leak in error case usbnetwritecmdasync mixed up which buffers need to be freed in which error case. v2: add Fixes tag v3: fix uninitialized buf pointer...

CVE-2025-23352

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data...

Juniper Junos OS Vulnerability (JSA103151)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA103151 advisory. - An Access of Uninitialized Pointer vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved with BGP sharding configured allows ...

EUVD-2025-35725

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data...

CVE-2025-23352

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data...

CVE-2025-23352

CVE-2025-23352 is associated with NVIDIA vGPU software, specifically the Virtual GPU Manager, where a malicious guest could trigger an uninitialized pointer access leading to possible code execution, DoS, privilege escalation, information disclosure, or data tampering. Multiple trusted sources (N...

CVE-2025-23352

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data...

CVE-2025-23352

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data...

NVIDIA Virtual GPU Manager 缓冲区错误漏洞

NVIDIA Virtual GPU Manager is an NVIDIA virtual GPU management software from NVIDIA Corporation. A buffer error vulnerability exists in NVIDIA Virtual GPU Manager, which stems from the presence of uninitialized pointer access to Virtual GPU Manager, and could lead to code execution, denial of...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987638)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987638 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtksdio: Fix kernel oops in btmtksdiointerrupt Fix the following kernel oops in...

NVIDIA Virtual GPU Manager Multiple Vulnerabilities (October 2025)

The NVIDIA Virtual GPU Manager software on the remote host is missing a security update. It is, therefore, affected by a vulnerability where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service,...

Advisory ROSA-SA-2025-3034

software: opencv 4.10.0 AXIS: ROSA-CHROME affected versions: None CVE-ID: CVE-2025-53644 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in OpenCV 4.10.0 and 4.11.0 is the use of an uninitialized pointer when processing JPEGs, which can lead to arbitrary memory writes. CVE-STATUS: Not...

CVE-2025-59962

An Access of Uninitialized Pointer vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved with BGP sharding configured allows an attacker triggering indirect next-hop updates, along with timing outside the attacker's control, to cause rpd to crash and...