CVE-2024-45432

OpenSynergy BlueSDK aka Blue SDK through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from an incorrect variable used as a function argument. An attacker can leverage this to cause unexpected behavior or obtain sensitive informatio...

CVE-2024-45432

OpenSynergy BlueSDK aka Blue SDK through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from an incorrect variable used as a function argument. An attacker can leverage this to cause unexpected behavior or obtain sensitive informatio...

OpenSynergy BlueSDK 安全漏洞

OpenSynergy BlueSDK is a Bluetooth stack from the German company OpenSynergy. A security vulnerability exists in OpenSynergy BlueSDK 6.x and earlier versions, which stems from the use of the wrong variable as a function parameter in the BlueSDK Bluetooth stack, and could lead to unexpected behavi...

Erlang/OTP (Erlang OTP) Httpd CGI Scripts Environment Variable Pollution Vulnerability (Sep 2025, httpoxy) - Linux

Erlang/OTP Erlang OTP is prone to a Httpd CGI scripts environment variable pollution vulnerability in the inets component dubbed SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Erlang/OTP (Erlang OTP) Httpd CGI Scripts Environment Variable Pollution Vulnerability (Sep 2025, httpoxy) - Windows

Erlang/OTP Erlang OTP is prone to a Httpd CGI scripts environment variable pollution vulnerability in the inets component dubbed SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Linux Distros Unpatched Vulnerability : CVE-2017-17535

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lib/gui.py in Bob Hepple gjots2 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow...

Linux Distros Unpatched Vulnerability : CVE-2016-3922

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 relies on variable-length arrays, which allows attackers to gain...

Linux Distros Unpatched Vulnerability : CVE-2017-17534

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - uiutil.c in Mensis 0.0.080507 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote...

Linux Distros Unpatched Vulnerability : CVE-2024-28852

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ampache is a web based audio/video streaming application and file manager. Ampache has multiple reflective XSS vulnerabilities,this means that all forms in the...

Security Bulletin: Arbitrary Code Execution via JaninoEventEvaluator in Logback-Core (Versions 0.1–1.3.14, 1.4.0–1.5.12) through Malicious Configuration or Environment Variable Injection affects watsonx.data

Summary ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core upto including version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 in Java applications allows attacker to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment variable before...

TinyEnv 安全漏洞

TinyEnv is an environment variable loader for Dat Duy Personal Developer. A security vulnerability exists in TinyEnv versions 1.0.1, 1.0.2, 1.0.9, and 1.0.10, which stems from a checking deficiency in the .env file that could lead to unsafe default configurations...

CVE-2023-31326

Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment TEE driver, potentially leading to loss of confidentiality...

CVE-2023-31326

Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment TEE driver, potentially leading to loss of confidentiality...

CVE-2023-31326

Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment TEE driver, potentially leading to loss of confidentiality...

CVE-2023-31326

CVE-2023-31326 concerns AMD components where the root cause is uninitialized variable usage in the ASP, which could allow an attacker to access leftover data from a trusted execution environment (TEE) driver and potentially cause confidentiality loss. The issue spans AMD Client and Embedded Proce...

CVE-2023-31326

Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment TEE driver, potentially leading to loss of confidentiality...

PT-2025-36380

Name of the Vulnerable Software and Affected Versions: ASP affected versions not specified Description: The use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment TEE driver, potentially leading to loss of confidentiality...

SUSE CVE-2025-38737

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uninitialised variable Fix smb3inittransformrq to initialise buffer to NULL before calling netfsallocfolioqbuffer as netfs assumes it can append to the buffer it is given. Setting it to NULL means it should...

UBUNTU-CVE-2025-38737

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uninitialised variable Fix smb3inittransformrq to initialise buffer to NULL before calling netfsallocfolioqbuffer as netfs assumes it can append to the buffer it is given. Setting it to NULL means it should...

CVE-2025-38737 cifs: Fix oops due to uninitialised variable

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uninitialised variable Fix smb3inittransformrq to initialise buffer to NULL before calling netfsallocfolioqbuffer as netfs assumes it can append to the buffer it is given. Setting it to NULL means it should...