CVE-2025-2286 Local Code Execution Vulnerability in Arena®

A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...

CVE-2025-2286 Local Code Execution Vulnerability in Arena®

A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...

CVE-2025-2285 Local Code Execution Vulnerability in Arena®

A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...

CVE-2025-2285

Rockwell Automation Arena is affected by a local code execution vulnerability (CVE-2025-2285) due to an uninitialized pointer from improper validation of user-supplied data. Exploitation requires a legitimate user to open a malicious DOE file, enabling information disclosure and arbitrary code ex...

CVE-2025-2285 Local Code Execution Vulnerability in Arena®

A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...

PT-2025-15448 · Rockwell Automation · Rockwell Automation Arena

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena affected versions not specified Description: A local code execution issue exists due to an uninitialized pointer, resulting from improper validation of user-supplied data. If exploited, a threat actor can disclose...

PT-2025-15444 · Rockwell Automation · Rockwell Automation Arena

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena affected versions not specified Description: A local code execution issue exists due to an uninitialized pointer, resulting from improper validation of user-supplied data. If exploited, a threat actor can disclose...

Updated zvbi packages fix security vulnerabilities

A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has...

MGASA-2025-0121 Updated zvbi packages fix security vulnerabilities

A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has...

Amazon Linux 2023 : xorg-x11-server-common, xorg-x11-server-devel, xorg-x11-server-source (ALAS2023-2025-892)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-892 advisory. A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to...

Amazon Linux 2023 : xorg-x11-server-Xwayland, xorg-x11-server-Xwayland-devel (ALAS2023-2025-895)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-895 advisory. A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to...

CVE-2025-2530

Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must...

Amazon Linux 2 : xorg-x11-server (ALAS-2025-2791)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2791 advisory. A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to free...

Important: xorg-x11-server-Xwayland

Issue Overview: A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free. CVE-2025-26594 A buffer overflow flaw was found ...

Important: xorg-x11-server-Xwayland

Issue Overview: A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free. CVE-2025-26594 A buffer overflow flaw was found ...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2024, and Adobe Acrobat 2020, related to access to an uninitialized pointer, allow attackers to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2024, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 is related to the access to an uninitialized pointer. Exploiting this vulnerability can allow a...

Important: xorg-x11-server

Issue Overview: A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free. CVE-2025-26594 A buffer overflow flaw was found ...

Important: xorg-x11-server

Issue Overview: A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free. CVE-2025-26594 A buffer overflow flaw was found ...

CVE-2025-2530

Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must...

CVE-2025-2530

Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must...