8293 matches found
CVE-2025-41731
A vulnerability was identified in the password generation algorithm when accessing the debug-interface. An unauthenticated local attacker with knowledge of the password generation timeframe might be able to brute force the password in a timely manner and thus gain root access to the device if the...
PT-2025-46413
Name of the Vulnerable Software and Affected Versions Intel UEFI reference platforms affected versions not specified Description The kernel on some Intel UEFI reference platforms contains debug code that may allow a denial of service and escalation of privilege. A system software adversary with...
PT-2025-46533
Name of the Vulnerable Software and Affected Versions Spectrum Power versions prior to 4.70 SP12 Update 2 Description The application contains a flaw that allows local privilege escalation. An exposed debug interface on localhost enables any local user to gain code execution as an administrative...
CVE-2025-41731
A vulnerability was identified in the password generation algorithm when accessing the debug-interface. An unauthenticated local attacker with knowledge of the password generation timeframe might be able to brute force the password in a timely manner and thus gain root access to the device if the...
CVE-2025-41731 Jumo: Insufficient entropy in PRNG may lead to root access
A vulnerability was identified in the password generation algorithm when accessing the debug-interface. An unauthenticated local attacker with knowledge of the password generation timeframe might be able to brute force the password in a timely manner and thus gain root access to the device if the...
CVE-2025-41731 Jumo: Insufficient entropy in PRNG may lead to root access
A vulnerability was identified in the password generation algorithm when accessing the debug-interface. An unauthenticated local attacker with knowledge of the password generation timeframe might be able to brute force the password in a timely manner and thus gain root access to the device if the...
EUVD-2025-44036
A vulnerability was identified in the password generation algorithm when accessing the debug-interface. An unauthenticated local attacker with knowledge of the password generation timeframe might be able to brute force the password in a timely manner and thus gain root access to the device if the...
CVE-2025-41731
CVE-2025-41731 involves Jumo variTRON300 devices where the password for the debug interface is generated from a weak PRNG. An unauthenticated local attacker who knows the password-generation timeframe could brute-force the password in a timely manner and gain root access if the debug interface re...
PT-2025-45604
Name of the Vulnerable Software and Affected Versions Jumo variTRON300 affected versions not specified Description A flaw exists in the password generation algorithm when accessing the debug interface. An unauthenticated local attacker who knows the password generation timeframe may be able to...
CVE-2025-12910
Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. Chromium security severity: Low...
CVE-2025-12910
Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. Chromium security severity: Low...
DEBIAN-CVE-2025-12910
Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. Chromium security severity: Low...
Google Chrome 安全漏洞
Google Chrome is a free web browser developed by Google Inc. Google Chrome suffers from a Passkeys mal-implementation vulnerability, which can be exploited by an attacker to obtain sensitive information via debug logs...
CVE-2025-12910
CVE-2025-12910 describes an improper Passkeys implementation in Google Chrome/Chromium that allows a local attacker to obtain potentially sensitive information via debug logs. The vulnerability is tied to Chrome/Chromium’s Passkeys handling and is classified with a low severity in Chromium’s metr...
CVE-2025-12910
Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. Chromium security severity: Low...
CVE-2025-12910
Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. Chromium security severity: Low...
CVE-2025-12910
Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. Chromium security severity: Low...
EUVD-2025-38335
Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. Chromium security severity: Low...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990534)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990534 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990566)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990566 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY When CONFIGDEBUGBUGVERBOSE=n, we fail to add...