1101 matches found
CVE-2025-10021
A Use of Uninitialized Variable vulnerability exists in Open Design Alliance Drawings SDK static versions mt before 2026.12. Static object COdaMfcAppApp theApp may access OdString::kEmpty before its initialization. Due to undefined initialization order of static objects across translation units...
Open Design Alliance Drawings SDK Security Vulnerability
Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, USA. The SDK provides access to .dwg and .dgn data through a convenient, object-oriented API, a C++ API, support for repairing files, and support for .NET, JAVA, and Python...
PT-2025-52653
Name of the Vulnerable Software and Affected Versions: Open Design Alliance Drawings SDK versions prior to 2026.12. Description: A Use of Uninitialized Variable issue exists in the software. A static object COdaMfcAppApp theApp may access OdString::kEmpty before its initialization. This is due to...
Mozilla Thunderbird < 31.3
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 31.3. It is, therefore, affected by a vulnerability as referenced in the mfsa2014-90 advisory. - jemalloc poisoning plus Apple uninitialized variable usage triggers keylogging in /tmp/ on OSX 10.10 (CVE-2014-1595)...
EulerOS Virtualization 2.13.0 : libssh (EulerOS-SA-2025-2584)
According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to...
EulerOS 2.0 SP11 : libssh (EulerOS-SA-2025-2484)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to ssh_get_fingerprint_hash...
kernel: cifs: Fix oops due to uninitialised variable
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uninitialised variable. Fix smb3_init_transform_rq to initialise buffer to NULL before calling netfs_alloc_folioq_buffer as netfs assumes it can append to the buffer it is given. Setting it to NULL means it should...
[SECURITY] [DLA 4385-1] libssh security update
Debian LTS Advisory DLA-4385-1. https://www.debian.org/lts/security/ Emilio Pozuelo Monfort, November 27, 2025. https://wiki.debian.org/LTS ...
EulerOS 2.0 SP12 : libssh (EulerOS-SA-2025-2332)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf function responsible for key derivation...
EulerOS 2.0 SP10 : libssh (EulerOS-SA-2025-2420)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to ssh_get_fingerprint_hash...
Use of Uninitialized Variable
Overview: Affected versions of this package are vulnerable to Use of Uninitialized Variable via the generic_unpack function. An attacker can trigger undefined behavior or cause a crash by providing specially crafted input that leads to the use of uninitialized memory. PoC: The archive includes the...
Use of Uninitialized Variable
Overview: OpenEXR is a set of Python bindings for the OpenEXR image file format. Affected versions of this package are vulnerable to Use of Uninitialized Variable via the generic_unpack function. An attacker can trigger undefined behavior or cause a crash by providing specially crafted input that leads to...
Improper Resource Management
Dragonfly is vulnerable to Improper Resource Management. The vulnerability is due to the processPieceFromSource method failing to update the usedTraffic field because of an uninitialized variable, which allows an attacker to exploit incorrect rate limiting and cause a denial-of-service condition...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mtd: nand: ecc-mxic: Fixed the use of an uninitialized variable ret. If ctx->steps is zero, the loop that processes ECC steps is skipped, and the variable ret remains uninitialized. This variable is later checked and returned, whi...
Siemens SIMATIC Devices Use of Uninitialized Variable (CVE-2024-35888)
In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb->head. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2025-2267)
The remote host is missing an update for the Huawei EulerOS...
CVE-2025-10547
An uninitialized variable in the HTTP CGI request arguments processing component of Vigor Routers running DrayOS may allow an attacker the ability to perform RCE on the appliance through memory corruption...
EUVD-2016-9233
Malware in sbrugna...