CVE-2022-50165 wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()`

In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix uninitialized variable use in wilwritefilewmi Commit 7a4836560a61 changes simplewritetobuffer with memdupuser but it forgets to change the value to be returned that came from simplewritetobuffer call. ...

PT-2025-26091 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns an uninitialized variable use in the wil write file wmi function. A commit changed simple write to buffer to memdup user, but forgot to update the return value,...

TencentOS Server 4: helm (TSSA-2024:0616)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0616 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2025-5749

WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authentication is not required to exploit this...

CVE-2025-5749

WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authentication is not required to exploit this...

CVE-2025-5749

WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authentication is not required to exploit this...

CVE-2025-5749 WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability

WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authentication is not required to exploit this...

CVE-2025-5749 WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability

WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authentication is not required to exploit this...

CVE-2025-5749

The CVE-2025-5749 issue affects WOLFBOX Level 2 EV Charger devices, specifically the BLE communication path. The root cause is an uninitialized variable in the handling of cryptographic keys used in vendor-specific encrypted communications, enabling authentication bypass for network-adjacent atta...

(0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of cryptographic keys used in vendor-specific...

The vulnerability of the Cisco AnyConnect server and the Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway network devices allows a perpetrator to cause service interruptions.

The vulnerability of the Cisco AnyConnect server and the Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway network devices is related to the use of an uninitialized variable. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

CVE-2022-47012

Use of uninitialized variable in function genethrecv in GNS3 dynamips 0.2.21...

CVE-2022-28488

The function wavformatwrite in libwav.c in libwav through 2017-04-20 has an Use of Uninitialized Variable vulnerability...

CVE-2021-22482

There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of invalid data...

CVE-2020-1342

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1445...

CVE-2020-1322

An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'...

CVE-2019-14079

Access to the uninitialized variable when the driver tries to unmap the dma buffer of a request which was never mapped in the first place leading to kernel failure in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables i...

CVE-2019-9369

In Bluetooth, there is a use of uninitialized variable. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79995407...

CVE-2025-37961 ipvs: fix uninit-value for saddr in do_output_route4

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix uninit-value for saddr in dooutputroute4 syzbot reports for uninit-value for the saddr argument 1. commit 4754957f04f5 "ipvs: do not use random local source address for tunnels" already implies that the input value of...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21996)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21996 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix uninitialized size issue...