2110 matches found

Positive Technologies · added 2025/02/25 12:0 a.m. · 4 views

PT-2025-7897 · Xwayland +12 · Xwayland +12

Name of the Vulnerable Software and Affected Versions: X.Org and Xwayland (affected versions not specified). Description: An issue was found where the function compCheckRedirect may fail to allocate the backing pixmap, leading to a BadAlloc error. This error occurs without validating the window tree...

7.8 CVSS · 7.6 AI score · 0.00894 EPSS
Exploits: 0 · References: 194

FreeBSD · added 2025/02/25 12:0 a.m. · 9 views

xorg server -- Multiple vulnerabilities

The X.Org project reports: CVE-2025-26594: Use-after-free of the root cursor. The root cursor is referenced in the xserver as a global variable. If a client manages to free the root cursor, the internal reference points to freed memory and causes a use-after-free. CVE-2025-26595: Buffer overflow i...

7.8 CVSS · 8.1 AI score · 0.00474 EPSS
Exploits: 0 · References: 1

OSV · added 2025/02/10 4:15 p.m. · 3 views

UBUNTU-CVE-2025-24031

PAM-PKCS11 is a Linux-PAM login module that allows an X.509 certificate-based user login. In versions 0.6.12 and prior, the pam_pkcs11 module segfaults when a user presses ctrl-c/ctrl-d when they are asked for a PIN. When a user enters no PIN at all, pam_get_pwd will never initialize the password...

5.1 CVSS · 6 AI score · 0.00139 EPSS
Exploits: 0 · References: 5

Cvelist · added 2025/02/10 3:38 p.m. · 13 views

CVE-2025-24031 PAM-PKCS#11 vulnerable to segmentation fault on ctrl-c/ctrl-d when asked for PIN

PAM-PKCS11 is a Linux-PAM login module that allows an X.509 certificate-based user login. In versions 0.6.12 and prior, the pam_pkcs11 module segfaults when a user presses ctrl-c/ctrl-d when they are asked for a PIN. When a user enters no PIN at all, pam_get_pwd will never initialize the password...

5.1 CVSS · 0.00139 EPSS
Exploits: 0 · References: 3

Vulnrichment · added 2025/02/10 3:38 p.m. · 16 views

CVE-2025-24031 PAM-PKCS#11 vulnerable to segmentation fault on ctrl-c/ctrl-d when asked for PIN

PAM-PKCS11 is a Linux-PAM login module that allows an X.509 certificate-based user login. In versions 0.6.12 and prior, the pam_pkcs11 module segfaults when a user presses ctrl-c/ctrl-d when they are asked for a PIN. When a user enters no PIN at all, pam_get_pwd will never initialize the password...

5.1 CVSS · 4.5 AI score · 0.00139 EPSS
Exploits: 0 · References: 3

Positive Technologies · added 2025/02/10 12:0 a.m. · 3 views

PT-2025-6067 · Unknown +2 · Pam Pkcs11 +2

Name of the Vulnerable Software and Affected Versions: PAM-PKCS11 versions 0.6.12 and prior. Description: The issue affects a Linux-PAM login module that allows X.509 certificate-based user login. When a user presses ctrl-c/ctrl-d while being asked for a PIN, the pam_pkcs11 module segfaults...

9.2 CVSS · 8.1 AI score · 0.00677 EPSS
Exploits: 0 · References: 35

Snyk · added 2025/02/06 5:10 p.m. · 2 views

Access of Uninitialized Pointer

Overview: Affected versions of this package are vulnerable to Access of Uninitialized Pointer in the AMF3CD_AddProp function in amf.c, which allows attackers to trigger an exploitable crash. Remediation: There is no fixed version for rudloff/rtmpdump-bin. References: Talos Vulnerability Report -...

9.8 CVSS · 6.9 AI score · 0.05923 EPSS
Exploits: 1 · References: 2

Snyk · added 2025/02/06 5:10 p.m. · 2 views

Access of Uninitialized Pointer

Overview: Affected versions of this package are vulnerable to Access of Uninitialized Pointer in the AMF3ReadString function in amf.c. Remediation: There is no fixed version for rudloff/rtmpdump-bin. References: Talos Vulnerability Report - Vulnerable Code. Credit: Dave McDaniel...

8.7 CVSS · 6.9 AI score · 0.03155 EPSS
Exploits: 1 · References: 2

RedhatCVE · added 2025/02/06 1:48 a.m. · 18 views

CVE-2022-43606

A use-of-uninitialized-pointer vulnerability exists in the Forward Open connection_management_entry functionality of EIP Stack Group OpENer development commit 58ee13c. A specially-crafted EtherNet/IP request can lead to use of a null pointer, causing the server to crash. An attacker can send a seri...

7.5 CVSS · 6.6 AI score · 0.08047 EPSS
Exploits: 1 · References: 1

RedhatCVE · added 2025/02/05 2:20 a.m. · 12 views

CVE-2024-24925

A vulnerability has been identified in Simcenter Femap All versions V2306.0000. The affected application is vulnerable to uninitialized pointer access while parsing specially crafted Catia MODEL files. An attacker could leverage this vulnerability to execute code in the context of the current...

7.8 CVSS · 6.9 AI score · 0.0031 EPSS
Exploits: 0 · References: 1

RedhatCVE · added 2025/02/04 10:49 p.m. · 15 views

CVE-2024-26004

An unauthenticated remote attacker can DoS a control agent due to access of an uninitialized pointer, which may prevent or disrupt the charging functionality...

7.5 CVSS · 7.1 AI score · 0.01 EPSS
Exploits: 0 · References: 1

Microsoft CVE · added 2025/01/29 8:0 a.m. · 2 views

btrfs: fix uninitialized pointer free in add_inode_ref()

...

7.8 CVSS · 7.7 AI score · 0.00214 EPSS
Exploits: 0

Microsoft CVE · added 2025/01/29 8:0 a.m. · 2 views

btrfs: fix uninitialized pointer free on read_alloc_one_name() error

...

5.5 CVSS · 7 AI score · 0.00206 EPSS
Exploits: 0

Positive Technologies · added 2025/01/22 12:0 a.m. · 3 views

PT-2025-10872 · Adobe · Acrobat Reader

Name of the Vulnerable Software and Affected Versions: Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier; Adobe Acrobat 2020, Adobe Acrobat Reader 2020, Adobe Acrobat 2024 (affected versions not specified). Description: The issue is related to an access of uninitialized...

7.8 CVSS · 7.5 AI score · 0.00437 EPSS
Exploits: 0 · References: 17

NVD · added 2025/01/21 11:15 p.m. · 5 views

CVE-2024-24443

An uninitialized pointer dereference in the ngap_handle_pdu_session_resource_setup_response routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDU Session Resource Setup Response...

6.5 CVSS · 0.00302 EPSS
Exploits: 0 · References: 2

Vulnrichment · added 2025/01/21 12:0 a.m. · 4 views

CVE-2024-24443

An uninitialized pointer dereference in the ngap_handle_pdu_session_resource_setup_response routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDU Session Resource Setup Response...

6.3 AI score · 0.00302 EPSS
Exploits: 0 · References: 2

BDU FSTEC · added 2025/01/21 12:0 a.m. · 5 views

The vulnerability of the ocfs2_file_read_iter() function in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the ocfs2_file_read_iter() function in the Linux operating system is related to the use of an uninitialized pointer. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.1 CVSS · 6.7 AI score · 0.00232 EPSS
Exploits: 0 · References: 28 · Affected Software: 5

Zero Day Initiative · added 2025/01/15 12:0 a.m. · 13 views

Microsoft Office Word DOCX File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

7.8 CVSS · 6.7 AI score · 0.00755 EPSS
Exploits: 0 · References: 1

BDU FSTEC · added 2024/12/27 12:0 a.m. · 1 views

The vulnerability of the `__lpass_get_dmactl_handle` function in the qcom component of the Linux operating system allows a hacker to induce a service failure.

The vulnerability of the `__lpass_get_dmactl_handle` function in the qcom component of the Linux operating system is related to the use of an uninitialized pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

6.2 CVSS · 5.9 AI score · 0.00234 EPSS
Exploits: 0 · References: 12 · Affected Software: 2

OSV · added 2024/12/19 8:15 a.m. · 4 views

CVE-2021-26093

An access of uninitialized pointer (CWE-824) vulnerability in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a local and authenticated attacker to crash the access point being managed by the controller by executing a crafted CLI command...

6.5 CVSS · 5.8 AI score · 0.0016 EPSS
Exploits: 0 · References: 1