2110 matches found
CVE-2025-2287 Local Code Execution Vulnerability in Arena®
A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...
CVE-2025-2287
CVE-2025-2287 is a local code-execution vulnerability in Rockwell Automation Arena® caused by an uninitialized pointer resulting from improper validation of user-supplied data. A threat actor could disclose information and execute arbitrary code if a legitimate user opens a malicious DOE file. Ex...
CVE-2025-2286 Local Code Execution Vulnerability in Arena®
A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...
CVE-2025-2286 Local Code Execution Vulnerability in Arena®
A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...
CVE-2025-2286
CVE-2025-2286 : Local code execution in Rockwell Automation Arena due to an uninitialized pointer from improper validation of user-supplied data. A legitimate user must open a malicious DOE file to exploit, enabling information disclosure and arbitrary code execution on the system. Reported remed...
CVE-2025-2285 Local Code Execution Vulnerability in Arena®
A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...
CVE-2025-2285 Local Code Execution Vulnerability in Arena®
A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...
CVE-2025-2285
Rockwell Automation Arena is affected by a local code execution vulnerability (CVE-2025-2285) due to an uninitialized pointer from improper validation of user-supplied data. Exploitation requires a legitimate user to open a malicious DOE file, enabling information disclosure and arbitrary code ex...
PT-2025-15444 · Rockwell Automation · Rockwell Automation Arena
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena affected versions not specified Description: A local code execution issue exists due to an uninitialized pointer, resulting from improper validation of user-supplied data. If exploited, a threat actor can disclose...
PT-2025-15448 · Rockwell Automation · Rockwell Automation Arena
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena affected versions not specified Description: A local code execution issue exists due to an uninitialized pointer, resulting from improper validation of user-supplied data. If exploited, a threat actor can disclose...
MGASA-2025-0121 Updated zvbi packages fix security vulnerabilities
A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has...
Updated zvbi packages fix security vulnerabilities
A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has...
Amazon Linux 2023 : xorg-x11-server-common, xorg-x11-server-devel, xorg-x11-server-source (ALAS2023-2025-892)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-892 advisory. A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to...
Amazon Linux 2023 : xorg-x11-server-Xwayland, xorg-x11-server-Xwayland-devel (ALAS2023-2025-895)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-895 advisory. A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to...
CVE-2025-2530
Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must...
Amazon Linux 2 : xorg-x11-server (ALAS-2025-2791)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2791 advisory. A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to free...
Important: xorg-x11-server-Xwayland
Issue Overview: A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free. CVE-2025-26594 A buffer overflow flaw was found ...
Important: xorg-x11-server
Issue Overview: A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free. CVE-2025-26594 A buffer overflow flaw was found ...
Important: xorg-x11-server-Xwayland
Issue Overview: A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free. CVE-2025-26594 A buffer overflow flaw was found ...
Important: xorg-x11-server
Issue Overview: A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free. CVE-2025-26594 A buffer overflow flaw was found ...