Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a variable marked free in the thermal:testing module not being initialized before the function returns,...

CVE-2024-11364

Another “uninitialized variable” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to access a variable prior to it being initialized. If exploited, a threat actor could leverage this vulnerability to...

CVE-2024-11364

CVE-2024-11364 concerns Rockwell Automation Arena Simulation. The issue is a vulnerability in the parsing of DOE files where an uninitialized variable/memory can be accessed, enabling arbitrary code execution. Exploitation requires some form of user interaction (e.g., opening a malicious DOE file...

CVE-2024-11364 Rockwell Automation Third Party Vulnerability in Arena®

Another “uninitialized variable” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to access a variable prior to it being initialized. If exploited, a threat actor could leverage this vulnerability to...

CVE-2024-11364 Rockwell Automation Third Party Vulnerability in Arena®

Another “uninitialized variable” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to access a variable prior to it being initialized. If exploited, a threat actor could leverage this vulnerability to...

Rockwell Automation Arena Simulation DOE File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

The vulnerability of the gst_matroska_demux_add_wvpk_header function in the Gstreamer multimedia framework allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the gstmatroskademuxaddwvpkheader function is related to the use of an uninitialized variable. Exploiting this vulnerability could allow a attacker to execute arbitrary code or cause service failures...

PT-2025-11202 · Autodesk · Autodesk Autocad

Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD affected versions not specified Description: The issue arises when a maliciously crafted CATPRODUCT file is parsed through Autodesk AutoCAD, leading to an Uninitialized Variable vulnerability. This can be exploited by a...

SUSE CVE-2024-47540

GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. When size allocator-memunmapfull or mem-allocator-memunmap. This vulnerability coul...

CVE-2024-47540

A flaw was found in the Matroska/WebM demuxer in the GStreamer library. Processing a specially crafted input file can cause the usage of uninitialized stack memory, allowing calls to uninitialized function pointers, potentially resulting in code execution or an application crash. Mitigation Do no...

CVE-2024-47540

GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. When size allocator-memunmapfull or mem-allocator-memunmap. This vulnerability coul...

Rockwell Automation Arena < 16.20.06 Multiple Vulnerabilities

The version of Rockwell Automation Arena installed on the remote Windows host is prior to 16.20.06. It is, therefore, affected by a number of different vulnerabilities - A “use after free” code execution vulnerability exists in the affected products that could allow a threat actor to craft a...

CVE-2024-47540

CVE-2024-47540 affects GStreamer, caused by an uninitialized stack variable in gst_matroska_demux_add_wvpk_header (matroska-demux.c). When size

CVE-2024-47540

GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. When size allocator-memunmapfull or mem-allocator-memunmap. This vulnerability coul...

CVE-2024-47540

GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. When size allocator-memunmapfull or mem-allocator-memunmap. This vulnerability coul...

GStreamer 安全漏洞

GStreamer is an open source set of frameworks for processing streaming media from GStreamer. A security vulnerability exists in GStreamer that stems from an uninitialized stack variable vulnerability found in the gstmatroskademuxaddwvpkheader function in matroska-demux.c. The vulnerability is...

Rockwell Automation Arena Simulation DOE File Parsing Use of Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

CVE-2024-11158

An “uninitialized variable” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to access a variable before it being initialized. If exploited, a threat actor could leverage this vulnerability to execute...

CVE-2024-11158

An “uninitialized variable” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to access a variable before it being initialized. If exploited, a threat actor could leverage this vulnerability to execute...

CVE-2024-11158 Rockwell Automation Arena® Uninitialized Vulnerability

An “uninitialized variable” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to access a variable before it being initialized. If exploited, a threat actor could leverage this vulnerability to execute...