Lucene search

9558 matches found

Positive Technologies
added 2025/07/22 12:0 a.m. | 1 views

PT-2025-30462

Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Graphite VC6 affected versions not specified Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this...

7.8 CVSS | 7.6 AI score | 0.00068 EPSS
Exploits 0 | References 5
OpenVAS
added 2025/07/21 12:0 a.m. | 2 views

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2025-1818)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS | 7.9 AI score | 0.00043 EPSS
Exploits 1 | References 2
OpenVAS
added 2025/07/21 12:0 a.m. | 2 views

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2025-1819)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS | 7.9 AI score | 0.00043 EPSS
Exploits 1 | References 2
Zero Day Initiative
added 2025/07/21 12:0 a.m. | 5 views

(Pwn2Own) NVIDIA Container Toolkit Environment Variable Handling Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of NVIDIA Container Toolkit. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...

8.8 CVSS | 7.6 AI score | 0.00167 EPSS
Exploits 4 | References 1
OSV
added 2025/07/19 5:15 p.m. | 3 views

CVE-2025-7836

A vulnerability has been found in D-Link DIR-816L up to 2.06B01 and classified as critical. Affected by this vulnerability is the function lxmldbcsystem of the file /htdocs/cgibin of the component Environment Variable Handler. The manipulation leads to command injection. The attack can be launche...

8.8 CVSS | 5.5 AI score | 0.02246 EPSS
Exploits 1 | References 5
Snyk
added 2025/07/17 6:42 p.m. | 1 views

Use of Uninitialized Variable

Overview Affected versions of this package are vulnerable to Use of Uninitialized Variable via the opjjp2readheader component when reading crafted JPEG images. An attacker can achieve arbitrary heap buffer writes by supplying specially crafted JPEG files. PoC include include static void decodecon...

9.8 CVSS | 7 AI score | 0.0023 EPSS
Exploits 1 | References 2
Microsoft CVE
added 2025/07/17 7:0 a.m. | 1 views

Apache HTTP Server: mod_ssl error log variable escaping

...

7.5 CVSS | 7 AI score | 0.00651 EPSS
Exploits 0
Microsoft CVE
added 2025/07/17 7:0 a.m. | 2 views

mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries.

...

7.8 CVSS | 7 AI score | 0.00054 EPSS
Exploits 0
Zero Day Initiative
added 2025/07/17 12:0 a.m. | 6 views

Dassault Systèmes eDrawings Viewer JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Systèmes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8 CVSS | 7.2 AI score | 0.00068 EPSS
Exploits 0 | References 1
BDU FSTEC
added 2025/07/16 12:0 a.m. | 1 views

The vulnerability of the EPA component of the Honeywell Experion PKS programmable logic controllers allows an intruder to trigger a service failure.

The vulnerability of the Epic Platform Analyzer EPA component of Honeywell Experion PKS programmable logic controllers is related to the use of an uninitialized variable. Exploiting this vulnerability could allow a malicious actor to cause a service failure remotely...

7.8 CVSS | 0.00368 EPSS
Exploits 0 | References 3
NVD
added 2025/07/15 3:15 p.m. | 3 views

CVE-2025-6974

Use of Uninitialized Variable vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted JT file...

7.8 CVSS | 0.00068 EPSS
Exploits 0 | References 1
CVE
added 2025/07/15 3:4 p.m. | 12 views

CVE-2025-6974

SOLIDWORKS eDrawings for SOLIDWORKS Desktop 2025 is affected by CVE-2025-6974 due to an uninitialized variable in the JT file reading procedure. This can allow arbitrary code execution when opening a specially crafted JT file. Root cause: uninitialized memory access during JT file parsing. Affect...

7.8 CVSS | 7.4 AI score | 0.00068 EPSS
Exploits 0 | References 1
Cvelist
added 2025/07/15 3:4 p.m. | 6 views

CVE-2025-6974 Use of Uninitialized Variable vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025

Use of Uninitialized Variable vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted JT file...

7.8 CVSS | 0.00068 EPSS
Exploits 0 | References 1
Vulnrichment
added 2025/07/15 3:4 p.m. | 2 views

CVE-2025-6974 Use of Uninitialized Variable vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025

Use of Uninitialized Variable vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted JT file...

7.8 CVSS | 8 AI score | 0.00068 EPSS
Exploits 0 | References 1
Positive Technologies
added 2025/07/15 12:0 a.m. | 1 views

PT-2025-29573 · Dassault Systèmes · Solidworks Edrawings +1

Name of the Vulnerable Software and Affected Versions: SOLIDWORKS eDrawings versions prior to SOLIDWORKS Desktop 2025 Description: A use of uninitialized variable issue exists in the JT file reading procedure. This could allow an attacker to execute arbitrary code when opening a specially crafted...

7.8 CVSS | 7.2 AI score | 0.00068 EPSS
Exploits 0 | References 7
Oracle linux
added 2025/07/15 12:0 a.m. | 6 views

emacs security update

1:26.1-15 - Restore definition of variable 'enable-dir-local-variables' RHEL-92830 1:26.1-14 - Fix arbitrary code execution via Lisp macro expansion RHEL-69394...

7.8 CVSS | 8.2 AI score | 0.00053 EPSS
Exploits 0
OSSF Malicious Packages
added 2025/07/14 7:10 p.m. | 5 views

Malicious code in paradox-pydevdeps (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ffb02e4aaa239e465a9365307dc9f04e5d881cc9f56bd34a1112ce87db7998bc Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

7.5 AI score
Exploits 0 | References 1
Oracle linux
added 2025/07/14 12:0 a.m. | 6 views

lz4 security update

1.8.3-5 - Fix a renamed variable in one of the patches - Since the variable was used in an assert, the regular build did not fail, but the QA builds did. - Related: RHEL-87362 1.8.3-4 - Fix CVE-2019-17543 - Resolves: RHEL-87362...

8.1 CVSS | 7.2 AI score | 0.0159 EPSS
Exploits 0
RedhatCVE
added 2025/07/12 8:28 p.m. | 9 views

CVE-2025-2520

The Honeywell Experion PKS contains an Uninitialized Variable in the common Epic Platform Analyzer EPA communications. An attacker could potentially exploit this vulnerability, leading to a Communication Channel Manipulation, which results in a dereferencing of an uninitialized pointer leading to...

7.5 CVSS | 7.1 AI score | 0.00368 EPSS
Exploits 0 | References 1
SUSE CVE
added 2025/07/10 11:23 p.m. | 0 views

SUSE CVE-2025-38277

In the Linux kernel, the following vulnerability has been resolved: mtd: nand: ecc-mxic: Fix use of uninitialized variable ret If ctx-steps is zero, the loop processing ECC steps is skipped, and the variable ret remains uninitialized. It is later checked and returned, which leads to undefined...

6.6 CVSS | 6.4 AI score | 0.0007 EPSS
Exploits 0 | References 22