Total
428 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40596 | 2 Microsoft, Splunk | 2 Windows, Splunk | 2025-02-28 | 7 High |
| In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to achieve privilege escalation on the Windows machine. | ||||
| CVE-2023-26084 | 1 Arm | 1 Aarch64cryptolib | 2025-02-27 | 3.7 Low |
| The armv8_dec_aes_gcm_full() API of Arm AArch64cryptolib before 86065c6 fails to the verify the authentication tag of AES-GCM protected data, leading to a man-in-the-middle attack. This occurs because of an improperly initialized variable. | ||||
| CVE-2023-1513 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2025-02-25 | 3.3 Low |
| A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak. | ||||
| CVE-2022-48352 | 1 Huawei | 2 Emui, Harmonyos | 2025-02-24 | 7.5 High |
| Some smartphones have data initialization issues. Successful exploitation of this vulnerability may cause a system panic. | ||||
| CVE-2022-27493 | 1 Intel | 4 Lapbc510, Lapbc510 Firmware, Lapbc710 and 1 more | 2025-02-18 | 7.8 High |
| Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable an escalation of privilege via local access. | ||||
| CVE-2024-26021 | 2025-02-13 | 2.3 Low | ||
| Improper initialization in the firmware for some Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2023-5370 | 1 Freebsd | 1 Freebsd | 2025-02-13 | 5.5 Medium |
| On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized. This resulted in no speculative execution workarounds being installed on CPU 0. | ||||
| CVE-2023-31926 | 1 Broadcom | 1 Brocade Fabric Operating System | 2025-02-13 | 7.1 High |
| System files could be overwritten using the less command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0. | ||||
| CVE-2022-38083 | 1 Intel | 474 Core I5-7640x, Core I5-7640x Firmware, Core I7-3820 and 471 more | 2025-02-13 | 6.1 Medium |
| Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2024-31157 | 1 Redhat | 1 Enterprise Linux | 2025-02-13 | 5.3 Medium |
| Improper initialization in UEFI firmware OutOfBandXML module in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2022-32579 | 1 Intel | 4 Lapbc510, Lapbc510 Firmware, Lapbc710 and 1 more | 2025-02-10 | 6.9 Medium |
| Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via physical access. | ||||
| CVE-2023-25010 | 1 Autodesk | 1 Maya Usd | 2025-02-06 | 7.8 High |
| A malicious actor may convince a victim to open a malicious USD file that may trigger an uninitialized variable which may result in code execution. | ||||
| CVE-2022-37334 | 1 Intel | 22 Nuc 11 Pro Board Nuc11tnbi30z, Nuc 11 Pro Board Nuc11tnbi30z Firmware, Nuc 11 Pro Board Nuc11tnbi50z and 19 more | 2025-02-05 | 7 High |
| Improper initialization in BIOS firmware for some Intel(R) NUC 11 Pro Kits and Intel(R) NUC 11 Pro Boards before version TNTGL357.0064 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-27934 | 1 Apple | 1 Macos | 2025-01-29 | 8.8 High |
| A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution. | ||||
| CVE-2024-22064 | 1 Zte | 1 Zxun-epdg | 2025-01-28 | 8.3 High |
| ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE) with the mobile devices connecting over the internet . If the set of keys are leaked or cracked, the user session informations using the keys may be leaked. | ||||
| CVE-2022-32231 | 1 Intel | 362 Xeon Bronze 3104, Xeon Bronze 3104 Firmware, Xeon Bronze 3106 and 359 more | 2025-01-27 | 7.5 High |
| Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-30704 | 1 Intel | 934 Celeron 1000m, Celeron 1000m Firmware, Celeron 1005m and 931 more | 2025-01-27 | 7.2 High |
| Improper initialization in the Intel(R) TXT SINIT ACM for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-34153 | 1 Intel | 1 Battery Life Diagnostic Tool | 2025-01-27 | 8.2 High |
| Improper initialization in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-31477 | 1 Intel | 70 Cm11ebc4w, Cm11ebc4w Firmware, Cm11ebi38w and 67 more | 2025-01-27 | 4 Medium |
| Improper initialization for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2024-45289 | 1 Freebsd | 1 Freebsd | 2025-01-10 | 7.5 High |
| The fetch(3) library uses environment variables for passing certain information, including the revocation file pathname. The environment variable name used by fetch(1) to pass the filename to the library was incorrect, in effect ignoring the option. Fetch would still connect to a host presenting a certificate included in the revocation file passed to the --crl option. | ||||