CWE-824
Access of Uninitialized Pointer
The product accesses or uses a pointer that has not been initialized.
CVE-2024-9258 (GCVE-0-2024-9258)
Vulnerability from cvelistv5 – Published: 2024-11-22 21:11 – Updated: 2024-11-25 16:06
VLAI
Title
IrfanView SID File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
Summary
IrfanView SID File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of SID files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23276.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-824 - Access of Uninitialized Pointer
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
Impacted products
Date Public
2024-10-11 22:05
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "irfanview",
"vendor": "irfanview",
"versions": [
{
"lessThan": "4.67",
"status": "affected",
"version": "4.66",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9258",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T16:06:31.934625Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-25T16:06:35.123Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "IrfanView",
"vendor": "IrfanView",
"versions": [
{
"status": "affected",
"version": "4.66 64bit"
}
]
}
],
"dateAssigned": "2024-09-26T19:41:44.721Z",
"datePublic": "2024-10-11T22:05:57.746Z",
"descriptions": [
{
"lang": "en",
"value": "IrfanView SID File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SID files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23276."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824: Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T21:11:10.217Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1370",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1370/"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "IrfanView SID File Parsing Uninitialized Pointer Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-9258",
"datePublished": "2024-11-22T21:11:10.217Z",
"dateReserved": "2024-09-26T19:41:44.693Z",
"dateUpdated": "2024-11-25T16:06:35.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1047 (GCVE-0-2025-1047)
Vulnerability from cvelistv5 – Published: 2025-04-23 16:44 – Updated: 2025-04-23 18:24
VLAI
Title
Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability
Summary
Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of pvs files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23694.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-824 - Access of Uninitialized Pointer
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://download.keyshot.com/cert/ksa-113962/ksa-… | vendor-advisory |
Impacted products
Date Public
2025-04-09 20:30
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1047",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T18:07:24.294375Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:24:59.949Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "KeyShot",
"vendor": "Luxion",
"versions": [
{
"status": "affected",
"version": "2024 13.0.0 Build 92 4.10.171"
}
]
}
],
"dateAssigned": "2025-02-04T21:01:46.831Z",
"datePublic": "2025-04-09T20:30:53.610Z",
"descriptions": [
{
"lang": "en",
"value": "Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of pvs files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23694."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824: Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:44:02.108Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-232",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-232/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://download.keyshot.com/cert/ksa-113962/ksa-113962.pdf?version=1.0\u0026_gl=1*1x6i3a*_gcl_au*MTU0ODMwNDI4Ny4xNzQzNTUyMjcx"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-1047",
"datePublished": "2025-04-23T16:44:02.108Z",
"dateReserved": "2025-02-04T21:01:46.801Z",
"dateUpdated": "2025-04-23T18:24:59.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-13499 (GCVE-0-2025-13499)
Vulnerability from cvelistv5 – Published: 2025-11-21 06:03 – Updated: 2026-03-27 13:56
VLAI
Title
Access of Uninitialized Pointer in Wireshark
Summary
Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-824 - Access of Uninitialized Pointer
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.wireshark.org/security/wnpa-sec-2025-… | |
| https://gitlab.com/wireshark/wireshark/-/issues/20823 | issue-trackingpermissions-required |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Wireshark Foundation | Wireshark |
Affected:
4.6.0
Affected: 4.4.0 , < 4.4.11 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13499",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-22T04:55:20.177632Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:07:40.594Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Wireshark",
"vendor": "Wireshark Foundation",
"versions": [
{
"status": "affected",
"version": "4.6.0"
},
{
"lessThan": "4.4.11",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824: Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-27T13:56:58.105Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://www.wireshark.org/security/wnpa-sec-2025-06.html"
},
{
"name": "GitLab Issue #20823",
"tags": [
"issue-tracking",
"permissions-required"
],
"url": "https://gitlab.com/wireshark/wireshark/-/issues/20823"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to version 4.6.1, 4.4.11, or above"
}
],
"title": "Access of Uninitialized Pointer in Wireshark"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2025-13499",
"datePublished": "2025-11-21T06:03:52.020Z",
"dateReserved": "2025-11-21T05:33:17.924Z",
"dateUpdated": "2026-03-27T13:56:58.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13674 (GCVE-0-2025-13674)
Vulnerability from cvelistv5 – Published: 2025-11-26 11:33 – Updated: 2026-03-27 13:56
VLAI
Title
Access of Uninitialized Pointer in Wireshark
Summary
BPv7 dissector crash in Wireshark 4.6.0 allows denial of service
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-824 - Access of Uninitialized Pointer
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.wireshark.org/security/wnpa-sec-2025-… | |
| https://gitlab.com/wireshark/wireshark/-/issues/20770 | issue-trackingpermissions-required |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Wireshark Foundation | Wireshark |
Affected:
4.6.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13674",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-26T14:06:08.560289Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-26T14:06:22.685Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Wireshark",
"vendor": "Wireshark Foundation",
"versions": [
{
"status": "affected",
"version": "4.6.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BPv7 dissector crash in Wireshark 4.6.0 allows denial of service"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824: Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-27T13:56:58.384Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://www.wireshark.org/security/wnpa-sec-2025-05.html"
},
{
"name": "GitLab Issue #20770",
"tags": [
"issue-tracking",
"permissions-required"
],
"url": "https://gitlab.com/wireshark/wireshark/-/issues/20770"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to version 4.6.1 or above"
}
],
"title": "Access of Uninitialized Pointer in Wireshark"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2025-13674",
"datePublished": "2025-11-26T11:33:39.916Z",
"dateReserved": "2025-11-25T18:33:44.747Z",
"dateUpdated": "2026-03-27T13:56:58.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14739 (GCVE-0-2025-14739)
Vulnerability from cvelistv5 – Published: 2025-12-18 18:02 – Updated: 2026-02-26 16:07 Unsupported When Assigned
VLAI
Title
Uninitialized Pointer Vulnerability in TP-Link WR940N and WR941ND
Summary
Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows local unauthenticated attackers the ability to execute DoS attack
and potentially arbitrary code execution
under the context of the ‘root’ user.This issue affects WR940N and WR941ND: ≤ WR940N v5 3.20.1 Build 200316,
≤
WR941ND v6 3.16.9 Build 151203.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-824 - Access of Uninitialized Pointer
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| TP-Link Systems Inc. | WR940N and WR941ND |
Affected:
0 , ≤ WR940N v5 3.20.1 Build 200316
(custom)
Affected: 0 , ≤ WR941ND v6 3.16.9 Build 151203 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14739",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T04:55:46.816730Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:07:27.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WR940N and WR941ND",
"vendor": "TP-Link Systems Inc.",
"versions": [
{
"lessThanOrEqual": "WR940N v5 3.20.1 Build 200316",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "WR941ND v6 3.16.9 Build 151203",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "VulnCheck"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows\u0026nbsp;local unauthenticated attackers the ability to execute DoS attack \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eand potentially arbitrary code execution\u003c/span\u003e\n\nunder the context of the \u2018root\u2019 user.\u003cp\u003eThis issue affects WR940N and WR941ND: \u2264 WR940N v5 3.20.1 Build 200316, \n\n\u2264\n\n WR941ND v6 3.16.9 Build 151203.\u003c/p\u003e"
}
],
"value": "Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows\u00a0local unauthenticated attackers the ability to execute DoS attack \n\nand potentially arbitrary code execution\n\nunder the context of the \u2018root\u2019 user.This issue affects WR940N and WR941ND: \u2264 WR940N v5 3.20.1 Build 200316, \n\n\u2264\n\n WR941ND v6 3.16.9 Build 151203."
}
],
"impacts": [
{
"capecId": "CAPEC-129",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-129 Pointer Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "PROOF_OF_CONCEPT",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824 Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T19:37:03.298Z",
"orgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"shortName": "TPLink"
},
"references": [
{
"url": "https://www.tp-link.com/us/support/download/tl-wr941nd/#Firmware"
},
{
"url": "https://www.tp-link.com/us/support/download/tl-wr940n/v5/#Firmware"
},
{
"url": "https://blog.exodusintel.com/2022/06/23/tp-link-wr940n-wr941nd-uninitialized-pointer-vulnerability/"
},
{
"url": "https://www.tp-link.com/us/support/faq/4848/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Uninitialized Pointer Vulnerability in TP-Link WR940N and WR941ND",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"assignerShortName": "TPLink",
"cveId": "CVE-2025-14739",
"datePublished": "2025-12-18T18:02:04.697Z",
"dateReserved": "2025-12-15T18:35:29.224Z",
"dateUpdated": "2026-02-26T16:07:27.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1761 (GCVE-0-2025-1761)
Vulnerability from cvelistv5 – Published: 2025-09-08 22:13 – Updated: 2025-09-09 13:30
VLAI
Title
IBM Concert Software information disclosure
Summary
IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-824 - Improper Clearing of Heap Memory Before Release ('Heap Inspection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7244230 | vendor-advisorypatch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Concert Software |
Affected:
1.0.0 , ≤ 1.1.0
(semver)
cpe:2.3:a:ibm:concert:1.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:concert:1.1.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1761",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-09T13:15:37.932644Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T13:30:27.403Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:concert:1.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:concert:1.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Concert Software",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "1.1.0",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory."
}
],
"value": "IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824 Improper Clearing of Heap Memory Before Release (\u0027Heap Inspection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T22:13:50.248Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7244230"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading to IBM Concert Software 2.0.0\u003c/p\u003e\u003cp\u003eDownload IBM Concert Software 2.0.0 from Container software library section of IBM Entitled Registry (\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://myibm.ibm.com/products-services/containerlibrary\"\u003eICR\u003c/a\u003e) and follow \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/concert?topic=installing-preparing-run-installs-from-private-container-registry\"\u003einstallation instructions\u003c/a\u003e\u0026nbsp;depending on the type of deployment.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "IBM strongly recommends addressing the vulnerability now by upgrading to IBM Concert Software 2.0.0\n\nDownload IBM Concert Software 2.0.0 from Container software library section of IBM Entitled Registry ( ICR https://myibm.ibm.com/products-services/containerlibrary ) and follow installation instructions https://www.ibm.com/docs/en/concert \u00a0depending on the type of deployment."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Concert Software information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-1761",
"datePublished": "2025-09-08T22:13:50.248Z",
"dateReserved": "2025-02-27T16:33:31.328Z",
"dateUpdated": "2025-09-09T13:30:27.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2173 (GCVE-0-2025-2173)
Vulnerability from cvelistv5 – Published: 2025-03-11 06:31 – Updated: 2025-03-11 13:47
VLAI
Title
libzvbi conv.c vbi_strndup_iconv_ucs2 uninitialized pointer
Summary
A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbi_strndup_iconv_ucs2 of the file src/conv.c. The manipulation of the argument src_length leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. The patch is identified as 8def647eea27f7fd7ad33ff79c2d6d3e39948dce. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional.
Severity
5.3 (Medium)
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.299202 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.299202 | signaturepermissions-required |
| https://vuldb.com/?submit.512798 | third-party-advisory |
| https://github.com/zapping-vbi/zvbi/security/advi… | related |
| https://github.com/zapping-vbi/zvbi/commit/8def64… | patch |
| https://github.com/zapping-vbi/zvbi/releases/tag/… | patch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | libzvbi |
Affected:
0.2.0
Affected: 0.2.1 Affected: 0.2.2 Affected: 0.2.3 Affected: 0.2.4 Affected: 0.2.5 Affected: 0.2.6 Affected: 0.2.7 Affected: 0.2.8 Affected: 0.2.9 Affected: 0.2.10 Affected: 0.2.11 Affected: 0.2.12 Affected: 0.2.13 Affected: 0.2.14 Affected: 0.2.15 Affected: 0.2.16 Affected: 0.2.17 Affected: 0.2.18 Affected: 0.2.19 Affected: 0.2.20 Affected: 0.2.21 Affected: 0.2.22 Affected: 0.2.23 Affected: 0.2.24 Affected: 0.2.25 Affected: 0.2.26 Affected: 0.2.27 Affected: 0.2.28 Affected: 0.2.29 Affected: 0.2.30 Affected: 0.2.31 Affected: 0.2.32 Affected: 0.2.33 Affected: 0.2.34 Affected: 0.2.35 Affected: 0.2.36 Affected: 0.2.37 Affected: 0.2.38 Affected: 0.2.39 Affected: 0.2.40 Affected: 0.2.41 Affected: 0.2.42 Affected: 0.2.43 |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2173",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-11T13:46:53.127947Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T13:47:03.081Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "libzvbi",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "0.2.0"
},
{
"status": "affected",
"version": "0.2.1"
},
{
"status": "affected",
"version": "0.2.2"
},
{
"status": "affected",
"version": "0.2.3"
},
{
"status": "affected",
"version": "0.2.4"
},
{
"status": "affected",
"version": "0.2.5"
},
{
"status": "affected",
"version": "0.2.6"
},
{
"status": "affected",
"version": "0.2.7"
},
{
"status": "affected",
"version": "0.2.8"
},
{
"status": "affected",
"version": "0.2.9"
},
{
"status": "affected",
"version": "0.2.10"
},
{
"status": "affected",
"version": "0.2.11"
},
{
"status": "affected",
"version": "0.2.12"
},
{
"status": "affected",
"version": "0.2.13"
},
{
"status": "affected",
"version": "0.2.14"
},
{
"status": "affected",
"version": "0.2.15"
},
{
"status": "affected",
"version": "0.2.16"
},
{
"status": "affected",
"version": "0.2.17"
},
{
"status": "affected",
"version": "0.2.18"
},
{
"status": "affected",
"version": "0.2.19"
},
{
"status": "affected",
"version": "0.2.20"
},
{
"status": "affected",
"version": "0.2.21"
},
{
"status": "affected",
"version": "0.2.22"
},
{
"status": "affected",
"version": "0.2.23"
},
{
"status": "affected",
"version": "0.2.24"
},
{
"status": "affected",
"version": "0.2.25"
},
{
"status": "affected",
"version": "0.2.26"
},
{
"status": "affected",
"version": "0.2.27"
},
{
"status": "affected",
"version": "0.2.28"
},
{
"status": "affected",
"version": "0.2.29"
},
{
"status": "affected",
"version": "0.2.30"
},
{
"status": "affected",
"version": "0.2.31"
},
{
"status": "affected",
"version": "0.2.32"
},
{
"status": "affected",
"version": "0.2.33"
},
{
"status": "affected",
"version": "0.2.34"
},
{
"status": "affected",
"version": "0.2.35"
},
{
"status": "affected",
"version": "0.2.36"
},
{
"status": "affected",
"version": "0.2.37"
},
{
"status": "affected",
"version": "0.2.38"
},
{
"status": "affected",
"version": "0.2.39"
},
{
"status": "affected",
"version": "0.2.40"
},
{
"status": "affected",
"version": "0.2.41"
},
{
"status": "affected",
"version": "0.2.42"
},
{
"status": "affected",
"version": "0.2.43"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ninpwn (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbi_strndup_iconv_ucs2 of the file src/conv.c. The manipulation of the argument src_length leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. The patch is identified as 8def647eea27f7fd7ad33ff79c2d6d3e39948dce. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional."
},
{
"lang": "de",
"value": "Es wurde eine problematische Schwachstelle in libzvbi bis 0.2.43 ausgemacht. Es geht dabei um die Funktion vbi_strndup_iconv_ucs2 der Datei src/conv.c. Mit der Manipulation des Arguments src_length mit unbekannten Daten kann eine uninitialized pointer-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 0.2.44 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 8def647eea27f7fd7ad33ff79c2d6d3e39948dce bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-908",
"description": "Uninitialized Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T06:31:05.166Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-299202 | libzvbi conv.c vbi_strndup_iconv_ucs2 uninitialized pointer",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.299202"
},
{
"name": "VDB-299202 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.299202"
},
{
"name": "Submit #512798 | Open Source libzvbi 0.2.43 Unitinialized Heap Read",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.512798"
},
{
"tags": [
"related"
],
"url": "https://github.com/zapping-vbi/zvbi/security/advisories/GHSA-g7cg-7gw9-v8cf"
},
{
"tags": [
"patch"
],
"url": "https://github.com/zapping-vbi/zvbi/commit/8def647eea27f7fd7ad33ff79c2d6d3e39948dce"
},
{
"tags": [
"patch"
],
"url": "https://github.com/zapping-vbi/zvbi/releases/tag/v0.2.44"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-11T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-03-11T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-03-11T07:18:06.000Z",
"value": "VulDB entry last update"
}
],
"title": "libzvbi conv.c vbi_strndup_iconv_ucs2 uninitialized pointer"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-2173",
"datePublished": "2025-03-11T06:31:05.166Z",
"dateReserved": "2025-03-10T17:26:53.636Z",
"dateUpdated": "2025-03-11T13:47:03.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2284 (GCVE-0-2025-2284)
Vulnerability from cvelistv5 – Published: 2025-03-13 16:35 – Updated: 2025-03-17 13:55
VLAI
Title
Santesoft Sante PACS Server Access of Uninitialized Pointer DoS
Summary
A denial-of-service vulnerability exists in the "GetWebLoginCredentials" function in "Sante PACS Server.exe".
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-824 - Access of Uninitialized Pointer
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Santesoft | Sante PACS Server |
Affected:
4.1.0
Unaffected: 4.2.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2284",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-17T13:55:21.967910Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-17T13:55:32.461Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Sante PACS Server",
"vendor": "Santesoft",
"versions": [
{
"status": "affected",
"version": "4.1.0"
},
{
"status": "unaffected",
"version": "4.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A denial-of-service vulnerability exists in the \"GetWebLoginCredentials\" function in \"Sante PACS Server.exe\"."
}
],
"value": "A denial-of-service vulnerability exists in the \"GetWebLoginCredentials\" function in \"Sante PACS Server.exe\"."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824 Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T16:35:45.891Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"url": "https://www.tenable.com/security/research/tra-2025-08"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Santesoft Sante PACS Server Access of Uninitialized Pointer DoS",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2025-2284",
"datePublished": "2025-03-13T16:35:45.891Z",
"dateReserved": "2025-03-13T15:25:34.326Z",
"dateUpdated": "2025-03-17T13:55:32.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-23352 (GCVE-0-2025-23352)
Vulnerability from cvelistv5 – Published: 2025-10-23 18:36 – Updated: 2026-02-26 16:57
VLAI
Summary
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-824 - Access of Uninitialized Pointer
Assigner
References
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | Virtual GPU Manager |
Affected:
580.82.02(All versions up to and including the August 2025 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.82.02(All versions prior to and including vGPU 19.1)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
570.172.07(All versions prior to and including vGPU 18.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.261.04(All versions prior to and including vGPU 16.11)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-23352",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-24T03:55:22.287982Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:57:11.693Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(R580 Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.82.02(All versions up to and including the August 2025 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.82.02(All versions prior to and including vGPU 19.1)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R570 vGPU 18)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "570.172.07(All versions prior to and including vGPU 18.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R535 vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.261.04(All versions prior to and including vGPU 16.11)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
}
],
"value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Escalation of Privileges, Data Tampering, Code Execution, Information Disclosure, Denial of Service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824 Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T18:36:22.125Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23352"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23352"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5703"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2025-23352",
"datePublished": "2025-10-23T18:36:22.125Z",
"dateReserved": "2025-01-14T01:07:26.680Z",
"dateUpdated": "2026-02-26T16:57:11.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-2530 (GCVE-0-2025-2530)
Vulnerability from cvelistv5 – Published: 2025-03-25 14:16 – Updated: 2025-03-25 14:43
VLAI
Title
Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability
Summary
Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of dae files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23698.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-824 - Access of Uninitialized Pointer
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
Impacted products
Date Public
2025-03-20 14:16
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2530",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-25T14:43:45.980240Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T14:43:52.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "KeyShot",
"vendor": "Luxion",
"versions": [
{
"status": "affected",
"version": "2024 13.0.0 Build 92 4.10.171"
}
]
}
],
"dateAssigned": "2025-03-19T15:10:42.851Z",
"datePublic": "2025-03-20T14:16:49.133Z",
"descriptions": [
{
"lang": "en",
"value": "Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of dae files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23698."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824: Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T14:16:48.906Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-173",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-173/"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-2530",
"datePublished": "2025-03-25T14:16:48.906Z",
"dateReserved": "2025-03-19T15:10:42.796Z",
"dateUpdated": "2025-03-25T14:43:52.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.