Multiple vulnerabilities in multiple Keyence products

Overview Multiple products provided by KEYENCE CORPORATION contain multiple vulnerabilities listed below. Stack-based buffer overflow CWE-121 - CVE-2025-58775, CVE-2025-58776 Access of uninitialized pointer CWE-824 - CVE-2025-58777 Buffer underflow CWE-124 - CVE-2025-61690 Out-of-bounds read...

CVE-2025-58777

VT Studio versions 8.53 and prior contain an access of uninitialized pointer vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product...

CVE-2025-58777

VT Studio versions 8.53 and prior contain an access of uninitialized pointer vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product...

CVE-2025-58777

VT Studio versions 8.53 and prior contain an access of uninitialized pointer vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product...

CVE-2025-58777

VT Studio versions 8.53 and prior contain an access of uninitialized pointer vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product...

CVE-2025-58777

CVE-2025-58777 affects KEYENCE VT STUDIO 8.53 and earlier, where an access of an uninitialized pointer (via a specially crafted file) may lead to arbitrary code execution. Mitigation noted in PT-2025-40318: update VT STUDIO to a version later than 8.53.

KEYENCE VT STUDIO 缓冲区错误漏洞

KEYENCE VT STUDIO is a human-machine interface screen design and configuration software from KEYENCE Japan. A buffer error vulnerability exists in KEYENCE VT STUDIO version 8.53 and earlier, which originates from an uninitialized pointer access and could lead to the execution of arbitrary code...

PT-2025-40318

Name of the Vulnerable Software and Affected Versions VT Studio versions 8.53 and prior Description VT Studio versions 8.53 and earlier are susceptible to an issue where an uninitialized pointer can be accessed. Exploitation of this condition, through the use of a specially crafted file, may lead...

PT-2025-46598

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s BPF subsystem contains an issue where the expected attach type is not properly enforced for tailcall compatibility. A fuzzer tool discovered an uninitialized pointer...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an uninitialized ndev pointer, which could lead to a null pointer dereference...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the possibility that the external power change callback in the aasp288fuelgaugeprobe function may be using a...

Wago CODESYS V2 Runtime Toolkit Access of Uninitialized Pointer (CVE-2021-34596)

A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot fo...

UBUNTU-CVE-2025-39729

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix dereferencing uninitialized error pointer Fix below smatch warnings: drivers/crypto/ccp/sev-dev.c:1312 sevplatforminitlocked error: we previously assumed 'error' could be null...

CVE-2025-39729 crypto: ccp - Fix dereferencing uninitialized error pointer

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix dereferencing uninitialized error pointer Fix below smatch warnings: drivers/crypto/ccp/sev-dev.c:1312 sevplatforminitlocked error: we previously assumed 'error' could be null...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an uninitialized errant pointer that could lead to a null pointer dereference...

pNFS: Fix uninited ptr deref in block/scsi layout

...

OESA-2025-2130 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

OESA-2025-2128 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

OESA-2025-2127 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

CVE-2025-9274

Oxford Instruments Imaris Viewer IMS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oxford Instruments Imaris Viewer. User interaction is required to exploit this vulnerabili...