19145 matches found
EUVD-2025-201917
A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected device contains a USB port which allows unauthenticated connections. This could allow an attacker with physical access to the device to trigger reboot that could cause denial of service condition...
EUVD-2023-60156
In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: Fix a potential out-of-bound memory access If xdbcbulkwrite fails, the values in 'buf' can be anything. So the string is not guaranteed to be NULL terminated when xdbctrace is called. Reserve an extra byte,...
CVE-2025-62109
Insertion of Sensitive Information Into Sent Data vulnerability in INFINITUM FORM Geo Controller cf-geoplugin allows Retrieve Embedded Sensitive Data.This issue affects Geo Controller: from n/a through = 8.9.4...
CVE-2023-53851
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Drop aux devices together with DP controller Using devres to depopulate the aux bus made sure that upon a probe deferral the EDP panel device would be destroyed and recreated upon next attempt. But the struct device...
DEBIAN-CVE-2023-53840
In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: Fix a potential out-of-bound memory access If xdbcbulkwrite fails, the values in 'buf' can be anything. So the string is not guaranteed to be NULL terminated when xdbctrace is called. Reserve an extra byte,...
CVE-2025-62109
CVE-2025-62109 maps to a WordPress Geo Controller plugin cf-geoplugin information disclosure vulnerability. Connected sources describe an insertion of sensitive information into sent data, enabling retrieval of embedded sensitive data, affecting Geo Controller versions up to 8.9.4. The weakness i...
CVE-2025-62109 WordPress Geo Controller plugin <= 8.9.4 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in INFINITUM FORM Geo Controller cf-geoplugin allows Retrieve Embedded Sensitive Data.This issue affects Geo Controller: from n/a through = 8.9.4...
CVE-2025-62109 WordPress Geo Controller plugin <= 8.9.4 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in INFINITUM FORM Geo Controller cf-geoplugin allows Retrieve Embedded Sensitive Data.This issue affects Geo Controller: from n/a through = 8.9.4...
CLSA-2025-1765285897 Fix CVE(s): CVE-2021-3738
SECURITY UPDATE: use after free in Samba AD DC RPC server - debian/patches/CVE-2021-3738-pre.patch: prepare service routines before fixing CVE-2021-3738 - debian/patches/CVE-2021-3738.patch: avoids a crash caused by use-after-free in Samba AD DC RPC server - CVE-2021-3738.patch...
CVE-2025-40940
CVE-2025-40940 affects Siemens SIMATIC CN 4100 (all versions
CVE-2025-40938
A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected device stores sensitive information in the firmware. This could allow an attacker to access and misuse this information, potentially impacting the device’s confidentiality, integrity, and availability...
Bluetooth: hci_event: validate skb length for unknown CC opcode
...
Schneider Electric EcoStruxure Foxboro DCS Advisor
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...
EUVD-2022-55710
In the Linux kernel, the following vulnerability has been resolved: scsi: hpsa: Fix possible memory leak in hpsainitone The hpdaallocctlrinfo allocates h and its field replymap. However, in hpsainitone, if allocpercpu failed, the hpsainitone jumps to clean1 directly, which frees h and leaks the...
CVE-2023-53851 drm/msm/dp: Drop aux devices together with DP controller
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Drop aux devices together with DP controller Using devres to depopulate the aux bus made sure that upon a probe deferral the EDP panel device would be destroyed and recreated upon next attempt. But the struct device...
CVE-2023-53851
CVE-2023-53851 (Linux kernel, drm/msm/dp): Root cause is use of devres to depopulate the DP AUX bus, which could destroy and recreate an EDID-reading panel device after a probe deferral as the aux device’s struct can outlive the DP controller. Symptoms include EDID blocks filled with zeros or rar...
CVE-2023-53851
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Drop aux devices together with DP controller Using devres to depopulate the aux bus made sure that upon a probe deferral the EDP panel device would be destroyed and recreated upon next attempt. But the struct device...
CVE-2023-53837 drm/msm: fix NULL-deref on snapshot tear down
In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on snapshot tear down In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Patchwork:...
CVE-2023-53837
CVE-2023-53837 affects the Linux kernel in the drm/msm driver where deinitialization can dereference a NULL kms pointer during early init errors or on DPU-less platforms, causing a NULL-deref. The issue is resolved by the patch addressing NULL-deref on snapshot tear down (patchwork 525099). Conne...
CVE-2023-53837
In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on snapshot tear down In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Patchwork:...