CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-57910	iio: light: vcnl4035: fix information leak in triggered buffer Description: In the Linux kernel, the following vulnerability has been resolved: iio: light: vcnl4035: fix information leak in triggered buffer The 'buffer' local array is used to push data to userspace from a triggered buffer, but it does not set an initial value for the single data element, which is an u16 aligned to 8 bytes. That leaves at least 4 bytes uninitialized even after writing an integer value with regmap_read(). Initialize the array to zero before using it to avoid pushing uninitialized information to userspace. EPSS Score: 0.04% Source: CVE January 20th, 2025 (6 months ago)
CVE-2024-57909	iio: light: bh1745: fix information leak in triggered buffer Description: In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1745: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. Initialize the struct to zero before using it to avoid pushing uninitialized information to userspace. EPSS Score: 0.04% Source: CVE January 20th, 2025 (6 months ago)
CVE-2024-57908	iio: imu: kmx61: fix information leak in triggered buffer Description: In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. Initialize the array to zero before using it to avoid pushing uninitialized information to userspace. EPSS Score: 0.04% Source: CVE January 20th, 2025 (6 months ago)
CVE-2024-57907	iio: adc: rockchip_saradc: fix information leak in triggered buffer Description: In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer The 'data' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. Initialize the struct to zero before using it to avoid pushing uninitialized information to userspace. EPSS Score: 0.04% Source: CVE January 20th, 2025 (6 months ago)
CVE-2024-57906	iio: adc: ti-ads8688: fix information leak in triggered buffer Description: In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. Initialize the array to zero before using it to avoid pushing uninitialized information to userspace. EPSS Score: 0.04% Source: CVE January 20th, 2025 (6 months ago)
CVE-2024-57905	iio: adc: ti-ads1119: fix information leak in triggered buffer Description: In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads1119: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a triggered buffer, but it has a hole between the sample (unsigned int) and the timestamp. This hole is never initialized. Initialize the struct to zero before using it to avoid pushing uninitialized information to userspace. EPSS Score: 0.04% Source: CVE January 20th, 2025 (6 months ago)
CVE-2024-57904	iio: adc: at91: call input_free_device() on allocated iio_dev Description: In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91: call input_free_device() on allocated iio_dev Current implementation of at91_ts_register() calls input_free_deivce() on st->ts_input, however, the err label can be reached before the allocated iio_dev is stored to st->ts_input. Thus call input_free_device() on input instead of st->ts_input. EPSS Score: 0.04% Source: CVE January 20th, 2025 (6 months ago)
	A Threat Actor Claims to be Selling Data of Carrefour Description: A Threat Actor Claims to be Selling Data of Carrefour Source: DarkWebInformer January 19th, 2025 (6 months ago)
	TikTok is back up in the US after Trump says he will extend deadline Description: TikTok is back up in the United States after Trump announced today that he would extend a 90-day deadline for the company to find a U.S. purchaser. [...] Source: BleepingComputer January 19th, 2025 (6 months ago)
	OpenAI's ChatGPT crawler can be tricked into DDoSing sites, answering your queries Source: TheRegister January 19th, 2025 (6 months ago)