Vulnerability of software for modeling, designing, and drawing in AutoCAD, related to errors during initialization of variables, allowing attackers to trigger a service failure and gain unauthorized access to protected information.

The vulnerability of software for modeling, designing, and drawing in AutoCAD is related to errors during initialization of variables. Exploiting this vulnerability can allow attackers to cause service failures and gain unauthorized access to protected information using a specially created...

PT-2025-14992 · Unknown · Bowo Variable Inspector

Name of the Vulnerable Software and Affected Versions: Bowo Variable Inspector versions through 2.6.3 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions through...

WordPress plugin Variable Inspector 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Vulnerability of software for modeling, designing, and drawing in AutoCAD, related to errors during initialization of variables, allowing a hacker to trigger a service failure

The vulnerability of software for modeling, designing, and drawing in AutoCAD is related to errors during initialization of variables. Exploiting this vulnerability can allow attackers to cause service failures and gain unauthorized access to protected information using a specially created...

Vulnerability of software for modeling, designing, and drawing in AutoCAD, related to errors during initialization of variables, allowing attackers to trigger a service failure and gain unauthorized access to protected information.

The vulnerability of software for modeling, designing, and drawing in AutoCAD is related to errors during initialization of variables. Exploiting this vulnerability can allow attackers to cause service failures and gain unauthorized access to protected information using a specially created...

UBUNTU-CVE-2025-21998

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: fix efivars registration race Since the conversion to using the TZ allocator, the efivars service is registered before the memory pool has been allocated, something which can lead to a NULL-pointer...

CVE-2025-21996 drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse()

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix uninitialized size issue in radeonvcecsparse On the off chance that command stream passed from userspace via ioctl call to radeonvcecsparse is weirdly crafted and first command to execute is to encode case...

CVE-2025-21996

The CVE-2025-21996 entry concerns the Linux kernel, specifically drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse(). The root cause is that, when a user-space command stream via ioctl to radeon_vce_cs_parse() begins with an encode (case 0x03000001), the function may call radeon_vce...

RHEL 8 : freetype (RHSA-2025:3421)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3421 advisory. FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs...

CVE-2025-24191

The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system...

CVE-2025-24191

CVE-2025-24191 affects macOS Sequoia prior to 15.4. Root cause: improved validation of environment variables; an app could modify protected parts of the file system. Remediation: upgrade to macOS Sequoia 15.4 (addresses the issue). Public exploitation status is not detailed in the provided docume...

Important: Red Hat Security Advisory: freetype security update

An update for freetype is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

CVE-2025-1449

A vulnerability exists in the Rockwell Automation Verve Asset Manager due to insufficient variable sanitizing. A portion of the administrative web interface for Verve's Legacy Agentless Device Inventory ADI capability deprecated since the 1.36 release allows users to change a variable with...

Important: Red Hat Security Advisory: freetype security update

An update for freetype is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

grub2: net: Out-of-bounds write in grub_net_search_config_file()

A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...