Total
313 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-55118 | 2025-11-18 | N/A | 8.9 HIGH | ||
| Memory corruptions can be remotely triggered in the Control-M/Agent when SSL/TLS communication is configured. The issue occurs in the following cases: * Control-M/Agent 9.0.20: SSL/TLS configuration is set to the non-default setting "use_openssl=n"; * Control-M/Agent 9.0.21 and 9.0.22: Agent router configuration uses the non-default settings "JAVA_AR=N" and "use_openssl=n" | |||||
| CVE-2025-12902 | 2025-11-12 | N/A | 4.4 MEDIUM | ||
| Improper resource management in firmware of some Solidigm DC Products may allow an attacker with local or physical access to gain un-authorized access to a locked Storage Device or create a Denial of Service. | |||||
| CVE-2022-0847 | 7 Fedoraproject, Linux, Netapp and 4 more | 39 Fedora, Linux Kernel, H300e and 36 more | 2025-11-06 | 7.2 HIGH | 7.8 HIGH |
| A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system. | |||||
| CVE-2023-27934 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 8.8 HIGH |
| A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution. | |||||
| CVE-2024-28084 | 2 Fedoraproject, Intel | 2 Fedora, Inet Wireless Daemon | 2025-11-04 | N/A | 7.5 HIGH |
| p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails. | |||||
| CVE-2024-38558 | 1 Linux | 1 Linux Kernel | 2025-11-04 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVS_PACKET_CMD_EXECUTE has 3 main attributes: - OVS_PACKET_ATTR_KEY - Packet metadata in a netlink format. - OVS_PACKET_ATTR_PACKET - Binary packet content. - OVS_PACKET_ATTR_ACTIONS - Actions to execute on the packet. OVS_PACKET_ATTR_KEY is parsed first to populate sw_flow_key structure with the metadata like conntrack state, input port, recirculation id, etc. Then the packet itself gets parsed to populate the rest of the keys from the packet headers. Whenever the packet parsing code starts parsing the ICMPv6 header, it first zeroes out fields in the key corresponding to Neighbor Discovery information even if it is not an ND packet. It is an 'ipv6.nd' field. However, the 'ipv6' is a union that shares the space between 'nd' and 'ct_orig' that holds the original tuple conntrack metadata parsed from the OVS_PACKET_ATTR_KEY. ND packets should not normally have conntrack state, so it's fine to share the space, but normal ICMPv6 Echo packets or maybe other types of ICMPv6 can have the state attached and it should not be overwritten. The issue results in all but the last 4 bytes of the destination address being wiped from the original conntrack tuple leading to incorrect packet matching and potentially executing wrong actions in case this packet recirculates within the datapath or goes back to userspace. ND fields should not be accessed in non-ND packets, so not clearing them should be fine. Executing memset() only for actual ND packets to avoid the issue. Initializing the whole thing before parsing is needed because ND packet may not contain all the options. The issue only affects the OVS_PACKET_CMD_EXECUTE path and doesn't affect packets entering OVS datapath from network interfaces, because in this case CT metadata is populated from skb after the packet is already parsed. | |||||
| CVE-2024-45018 | 1 Linux | 1 Linux Kernel | 2025-11-03 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack before use Fix missing initialisation of extack in flow offload. | |||||
| CVE-2024-44947 | 1 Linux | 1 Linux Kernel | 2025-11-03 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fuse_notify_store(), unlike fuse_do_readpage(), does not enable page zeroing (because it can be used to change partial page contents). So fuse_notify_store() must be more careful to fully initialize page contents (including parts of the page that are beyond end-of-file) before marking the page uptodate. The current code can leave beyond-EOF page contents uninitialized, which makes these uninitialized page contents visible to userspace via mmap(). This is an information leak, but only affects systems which do not enable init-on-alloc (via CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y or the corresponding kernel command line parameter). | |||||
| CVE-2023-48361 | 2025-11-03 | N/A | 2.3 LOW | ||
| Improper initialization in firmware for some Intel(R) CSME may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2024-31157 | 2025-11-03 | N/A | 5.3 MEDIUM | ||
| Improper initialization in UEFI firmware OutOfBandXML module in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2022-1122 | 3 Debian, Fedoraproject, Uclouvain | 3 Debian Linux, Fedora, Openjpeg | 2025-11-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service. | |||||
| CVE-2024-36331 | 2025-11-03 | N/A | 3.2 LOW | ||
| Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. | |||||
| CVE-2025-21906 | 1 Linux | 1 Linux Kernel | 2025-10-31 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: clean up ROC on failure If the firmware fails to start the session protection, then we do call iwl_mvm_roc_finished() here, but that won't do anything at all because IWL_MVM_STATUS_ROC_P2P_RUNNING was never set. Set IWL_MVM_STATUS_ROC_P2P_RUNNING in the failure/stop path. If it started successfully before, it's already set, so that doesn't matter, and if it didn't start it needs to be set to clean up. Not doing so will lead to a WARN_ON() later on a fresh remain- on-channel, since the link is already active when activated as it was never deactivated. | |||||
| CVE-2020-27950 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-10-27 | 7.1 HIGH | 5.5 MEDIUM |
| A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to disclose kernel memory. | |||||
| CVE-2025-5745 | 1 Gnu | 1 Glibc | 2025-10-22 | N/A | 5.6 MEDIUM |
| The strncmp implementation optimized for the Power10 processor in the GNU C Library version 2.40 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program. | |||||
| CVE-2013-1675 | 5 Canonical, Debian, Mozilla and 2 more | 18 Ubuntu Linux, Debian Linux, Firefox and 15 more | 2025-10-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site. | |||||
| CVE-2025-22834 | 1 Ami | 1 Aptio V | 2025-10-02 | N/A | 4.2 MEDIUM |
| AMI APTIOV contains a vulnerability in BIOS where a user may cause “Improper Initialization” by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability. | |||||
| CVE-2025-5702 | 1 Gnu | 1 Glibc | 2025-10-01 | N/A | 5.6 MEDIUM |
| The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program. | |||||
| CVE-2024-25563 | 1 Intel | 14 Killer, Killer Wi-fi 6 Ax1650, Killer Wi-fi 6e Ax1675 and 11 more | 2025-09-29 | N/A | 3.4 LOW |
| Improper initialization in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi before version 23.40 may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2019-1761 | 1 Cisco | 2 Ios, Ios Xe | 2025-09-11 | 3.3 LOW | 4.3 MEDIUM |
| A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due to insufficient memory initialization. An attacker could exploit this vulnerability by receiving HSRPv2 traffic from an adjacent HSRP member. A successful exploit could allow the attacker to receive potentially sensitive information from the adjacent device. | |||||