EUVD-2023-24773

Malicious code in bioql PyPI...

CVE-2025-36244 IBM AIX privilege escalation

IBM AIX 7.2, 7.3, IBM VIOS 3.1, and 4.1, when configured to use Kerberos network authentication, could allow a local user to write to files on the system with root privileges due to improper initialization of critical variables...

PT-2025-37994

Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.2 through 7.3 IBM VIOS versions 3.1 through 4.1 Description: IBM AIX and VIOS, when configured to use Kerberos network authentication, may allow a local user to gain root privileges by writing to files on the system due to...

CVE-2025-20271

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service DoS condition in the Cisco AnyConnect service on an affected device. This vulnerability is due to...

CVE-2019-9318

In libhevc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111764725...

Zoom Client for Meetings < 6.3.10 Insecure Default Variable Initialization Vulnerability (ZSB-25014)

The version of Zoom Client for Meetings installed on the remote host is prior to 6.3.10. It is, therefore, affected by a vulnerability as referenced in the ZSB-25014 advisory. - Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to...

CVE-2025-27443

Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access...

CVE-2025-27443 Zoom Workplace Apps for Windows - Insecure Default Variable Initialization

Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access...

CVE-2024-57877 arm64: ptrace: fix partial SETREGSET for NT_ARM_POE

In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: fix partial SETREGSET for NTARMPOE Currently poeset doesn't initialize the temporary 'ctrl' variable, and a SETREGSET call with a length of zero will leave this uninitialized. Consequently an arbitrary value will b...

CVE-2024-56446

CVE-2024-56446 concerns Huawei HarmonyOS with a vulnerability in the notification module where variables are not initialized. The impact described is potential availability disruption. The documents do not specify affected product versions, root cause details beyond the initialization issue, expl...

CVE-2024-56676

In the Linux kernel, the following vulnerability has been resolved: thermal: testing: Initialize some variables annoteded with free Variables annotated with free need to be initialized if the function can return before they get updated for the first time or the attempt to free the memory pointed ...

UBUNTU-CVE-2024-56676

In the Linux kernel, the following vulnerability has been resolved: thermal: testing: Initialize some variables annoteded with free Variables annotated with free need to be initialized if the function can return before they get updated for the first time or the attempt to free the memory pointed ...

CVE-2024-56676

In the Linux kernel, the following vulnerability has been resolved: thermal: testing: Initialize some variables annoteded with free Variables annotated with free need to be initialized if the function can return before they get updated for the first time or the attempt to free the memory pointed ...

PT-2024-36984 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the initialization of variables annotated with free in the thermal testing code of the Linux kernel. If a function can return before these variables are updated...

ROS-20240723-05

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to an insecure privilege management vulnerability. insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate their privileges A vulnerability in the...

fgr Vulnerable to Insecure Default Variable Initialization

Impact Any users whom would not desire a traceback to be included in their logs whenever an error is raised in their code will be affected. If users have inadvertently created a scenario in their code that could cause a traceback to include sensitive information and a malicious entity gained acce...

CVE-2023-46232 era-compiler-vyper First Immutable Variable Initialization vulnerability

era-compiler-vyper is the EraVM Vyper compiler for zkSync Era, a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to era-compiler-vype version 1.3.10, a bug prevented the initialization of the first immutable variable for Vyper contracts meeting certain criteria. The proble...

SoftEther VPN CiRpcAccepted() authentication bypass vulnerability

Talos Vulnerability Report TALOS-2023-1754 SoftEther VPN CiRpcAccepted authentication bypass vulnerability October 12, 2023 CVE Number CVE-2023-27516 SUMMARY An authentication bypass vulnerability exists in the CiRpcAccepted functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially...

CVE-2023-20597

Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access...

CVE-2023-20594

CVE-2023-20594 concerns the AMD DXE driver. The root cause is improper initialization of variables in the DXE driver, which may allow a privileged local user to leak sensitive information. Impact is information disclosure with local access; attack vector is local. The vulnerability affects AMD DX...