158 matches found
CVE-2025-15038
An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash. Refer to the...
CVE-2025-15038
An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by a unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash. Refer to the...
CVE-2025-15038
An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash. Refer to the...
CVE-2025-15038
The CVE-2025-15038 affected component is the ASUS Business System Control Interface driver. A vulnerability described as Out-of-Bounds allows a local, unprivileged user to craft an IOCTL request that can trigger kernel information disclosure or cause a system crash. The exposure is linked to loca...
CVE-2025-15037
An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive hardware resources and...
EUVD-2025-208607
An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive hardware resources and...
CVE-2025-15037
CVE-2025-15037 affects the ASUS Business System Control Interface driver. An unprivileged local user can trigger a crafted IOCTL request, potentially leading to unauthorized access to hardware resources and kernel information disclosure. References point to the ASUS Security Advisory for details....
ASUS Business System Control Interface 安全漏洞
ASUS Business System Control Interface is a system control interface developed by ASUS, a Chinese company. There is a security vulnerability in the ASUS Business System Control Interface. This vulnerability stems from excessive reading of data, which could allow unauthorized local users to access...
PT-2026-24910
🚨 CVE-2025-15038 An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by a unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash...
CVE-2026-1341
Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control...
CVE-2025-70311
JEEWMS 1.0 is vulnerable to SQL Injection. Attackers can inject malicious SQL statements through the id1 and id2 parameters in the /systemControl.do interface for attack...
CVE-2026-1341
Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control...
CVE-2026-1341 Missing Authentication for Critical Function in Avation Light Engine Pro
Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control...
CVE-2026-1341
Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control, allowing an attacker to take full control of the device. The issue, documented across multiple sources (NVD, Red Hat, ENISA EUVD, CVE listing), indicates a network-accessible int...
CVE-2025-70311
JEEWMS 1.0 is vulnerable to SQL Injection. Attackers can inject malicious SQL statements through the id1 and id2 parameters in the /systemControl.do interface for attack...
JeeWMS 安全漏洞
JeeWMS is a JAVA-based warehouse management system developed by JeeWMS Corporation in China. Version 1.0 of JEEWMS has a security vulnerability, which stems from the id1 and id2 parameters in the /systemControl.do interface, making them vulnerable to SQL injection attacks...
CVE-2025-70311
JEEWMS 1.0 is vulnerable to SQL Injection. Attackers can inject malicious SQL statements through the id1 and id2 parameters in the /systemControl.do interface for attack...
MiracleLinux 9 : unbound-1.16.2-3.el9_3.5 (AXSA:2024-7682:03)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7682:03 advisory. A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime...
MiracleLinux 8 : unbound-1.16.2-5.el8_9.6 (AXSA:2024-7684:04)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7684:04 advisory. A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime...
CLSA-2026-1768395381 unbound: Fix of CVE-2024-1488
Fix CVE-2024-1488: improper access control for remote control interface Previous defaults allowed any process to change unbound settings...