9567 matches found
PT-2025-38294
Name of the Vulnerable Software and Affected Versions D-Link DIR-823X versions 240126, 240802, and 250416 Description A weakness exists in the Environment Variable Handler component of the D-Link DIR-823X router. Manipulation of the terminal addr, server ip, or server port argument within the sub...
Apple macOS Tahoe environment variable mishandling vulnerability
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unchecked share variable that could lead to a null pointer dereference...
Use of Uninitialized Variable
Overview Affected versions of this package are vulnerable to Use of Uninitialized Variable due to improper handling of the usedTraffic field in the processPieceFromSource method. An attacker can cause service disruption for a peer by exploiting incorrect rate limiting during task processing...
Use of Uninitialized Variable
Overview Affected versions of this package are vulnerable to Use of Uninitialized Variable due to improper handling of the usedTraffic field in the processPieceFromSource method. An attacker can cause service disruption for a peer by exploiting incorrect rate limiting during task processing...
CVE-2025-9450
A Use of Uninitialized Variable vulnerability affecting the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 could allow an attacker to execute arbitrary code while opening a specially crafted JT file...
CVE-2025-9450 Use of Uninitialized Variable vulnerability affecting the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025
A Use of Uninitialized Variable vulnerability affecting the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 could allow an attacker to execute arbitrary code while opening a specially crafted JT file...
CVE-2025-9450 Use of Uninitialized Variable vulnerability affecting the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025
A Use of Uninitialized Variable vulnerability affecting the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 could allow an attacker to execute arbitrary code while opening a specially crafted JT file...
CVE-2025-9450
CVE-2025-9450 describes a Use of Uninitialized Variable vulnerability in SOLIDWORKS eDrawings, specifically in the JT file reading procedure for SOLIDWORKS Desktop 2025. The flaw within memory handling during JT file parsing can allow an attacker to execute arbitrary code when opening a crafted J...
Dragonfly 安全漏洞
Dragonfly is an open source framework from DragonflyDB that allows dynamic processing of any content type. A security vulnerability exists in Dragonfly versions prior to 2.1.0, which stems from an uninitialized variable n being used as a protection condition for an AddTraffic method call, resulti...
PT-2025-38120
Name of the Vulnerable Software and Affected Versions SOLIDWORKS eDrawings versions prior to SOLIDWORKS Desktop 2025 Description A use of uninitialized variable issue exists in the JT file reading procedure within SOLIDWORKS eDrawings. This could allow an attacker to execute arbitrary code by...
DragonFly vulnerable to panics due to nil pointer dereference when using variables created alongside an error
We found two instances in the DragonFly codebase where the first return value of a function is dereferenced even when the function returns an error figures 9.1 and 9.2. This can result in a nil dereference, and cause code to panic. The codebase may contain additional instances of the bug. golang...
SUSE CVE-2025-39817
In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare Observed on kernel 6.6 present on master as well: BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0 Call trace: kasancheckrange+0xe8/0x190 asanloadN+0x1c/0x28 memcmp+0x98/0xd0...
CVE-2025-36244 IBM AIX privilege escalation
IBM AIX 7.2, 7.3, IBM VIOS 3.1, and 4.1, when configured to use Kerberos network authentication, could allow a local user to write to files on the system with root privileges due to improper initialization of critical variables...
CVE-2025-39817
In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare Observed on kernel 6.6 present on master as well: BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0 Call trace: kasancheckrange+0xe8/0x190 asanloadN+0x1c/0x28 memcmp+0x98/0xd0...
PT-2025-37994
Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.2 through 7.3 IBM VIOS versions 3.1 through 4.1 Description: IBM AIX and VIOS, when configured to use Kerberos network authentication, may allow a local user to gain root privileges by writing to files on the system due to...
CVE-2022-50270
This CVE (CVE-2022-50270) affects the Linux kernel f2fs component. The root cause was a faulty iocb assignment in the f2fs_direct_IO_enter trace event: the code only copied the pointer of iocb and then accessed its field during trace printing, which could lead to a kernel paging fault. The fixes ...
Apple macOS 安全漏洞
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
CVE-2024-45432
OpenSynergy BlueSDK aka Blue SDK through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from an incorrect variable used as a function argument. An attacker can leverage this to cause unexpected behavior or obtain sensitive informatio...
CVE-2024-45432
OpenSynergy BlueSDK aka Blue SDK through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from an incorrect variable used as a function argument. An attacker can leverage this to cause unexpected behavior or obtain sensitive informatio...