CVE-2017-18306

Information disclosure due to uninitialized variable...

CVE-2017-18306 Information Exposure in Camera Driver

Information disclosure due to uninitialized variable...

AnythingLLM Information Disclosure Vulnerability

AnythingLLM is a chatbot application that supports building using commercial or open source big language models combined with a private knowledge base. An information disclosure vulnerability exists in AnythingLLM, which can be exploited to obtain an API key from a process environment variable...

PT-2024-10596 · Qualcomm · Snapdragon +6

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue is related to information disclosure due to an uninitialized variable. This means that sensitive data may be exposed because a variable was not properly set before being...

CVE-2024-8842

PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must...

CVE-2024-8842 PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability

PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must...

CVE-2024-8842 PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability

PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must...

CVE-2024-9717

CVE-2024-9717 affects Trimble SketchUp Viewer through the SKP file parser, where an uninitialized memory access allows remote code execution. The vulnerability enables an attacker to execute arbitrary code in the context of the target process when a user opens a malicious SKP file or visits a cra...

CVE-2024-9717 Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability

Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the...

CVE-2024-9717 Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability

Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the...

SUSE CVE-2024-48990

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable...

SUSE CVE-2024-48992

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable...

The vulnerability of the needrestart utility, related to the uncontrolled element in the search process, allows a hacker to execute arbitrary code in the context of the root user.

The vulnerability of the needrestart utility is related to an uncontrolled element in the search process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the root user by manipulating the PYTHONPATH variable during Python initialization...

Trimble SketchUp 安全漏洞

Trimble SketchUp is a suite of 3D modeling programs for architects, urban planners, producers, game developers, and related professionals from Trimble USA. Trimble SketchUp suffers from a security vulnerability that stems from an issue with SKP file parsing containing an uninitialized variable. A...

PDF-XChange Editor 安全漏洞

PDF-XChange Editor is a PDF editor software and PDF reader. PDF-XChange Editor RTF file parsing has an uninitialized variable remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

Flowise OverrideConfig security vulnerability

Impact Flowise allows developers to inject configuration into the Chainflow during execution through the overrideConfig option. This is supported in both the frontend web integration and the backend Prediction API. This has a range of fundamental issues that are a major security vulnerability...

CVE-2024-50173

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix access to uninitialized variable in tickctxcleanup The group variable can't be used to retrieve ptdev in our second loop, because it points to the previously iterated listhead, not a valid group. Get the ptdev...

PT-2024-35623

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.0-rc6 Description A use-after-free vulnerability has been identified in the Linux kernel, specifically in the open cached dir function. This vulnerability occurs when open cached dir encounters an error...

PT-2025-11201 · Autodesk · Autodesk Autocad

Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD affected versions not specified Description: The issue arises when a maliciously crafted CATPRODUCT file is parsed through Autodesk AutoCAD, leading to an Uninitialized Variable vulnerability. This can be exploited by a...

PT-2024-33310 · Arm · Mbed Os

Name of the Vulnerable Software and Affected Versions: MBed OS version 6.16.0 Description: An issue was discovered in the processing of HCI packets. The software dynamically determines the length of the packet header by looking up the identifying first byte and matching it against a table of...