278 matches found
CVE-2026-53283
CVE-2026-53283 covers a bounds-check failure in the Linux kernel AMD IOMMU path. The issue arises in __rlookup_amd_iommu(): rlookup_table[devid] is indexed without an internal bounds check, and iommu_device_register() iterates all PCI devices, calling amd_iommu_probe_device() for each. If a devic...
CVE-2026-9219 Setracker2 Children's Smartwatch Ecosystem Generation of Predictable Numbers or Identifiers
Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior have a predictable registration ID derived from IMEI. The enrollment system lacks additional authentication before assignment. If an attacker is able to obtain the registration ID, they would be able to arbitrarily...
CVE-2026-53053
In the Linux kernel’s IOMMU AMD path, CVE-2026-53053 affects the clone_alias() flow used by pci_for_each_dma_alias(). The issue arises because clone_alias() previously assumed its first argument (pdev) was always the original device pointer. The code path may pass either the original or an alias,...
MINI-C28C-X2W5-3XRG
Bulletin has no description...
PT-2026-51412
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description A rate limit bypass exists in the 'channel self' endpoint. Attackers can circumvent rate limiting by rotating the user-controlled device id parameter, enabling them to send multiple requests per...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: 9p/xen: fixed the issue of releasing the IRQ twice. Kernel logs indicate that the IRQ was released twice. The correct device ID must be passed during the IRQ release process. Dominique: removed the confusing variable “reset” to 0...
MINI-3VHP-FR42-JMFW
Bulletin has no description...
CVE-2026-53982
Cap-go Console 12.28.2 contains a denial-of-service vulnerability in its account deletion flow that allows an attacker to block authentication and onboarding functions by triggering account deletion while a device identifier is linked to the active session. The platform incorrectly associates the...
MINI-F999-9C4V-QF8P
Bulletin has no description...
CVE-2026-53982 Cap-go Console < 12.28.2 Account Deletion DoS via Device Identifier Association
Cap-go Console 12.28.2 contains a denial-of-service vulnerability in its account deletion flow that allows an attacker to block authentication and onboarding functions by triggering account deletion while a device identifier is linked to the active session. The platform incorrectly associates the...
CVE-2026-53982 Cap-go Console < 12.28.2 Account Deletion DoS via Device Identifier Association
Cap-go Console 12.28.2 contains a denial-of-service vulnerability in its account deletion flow that allows an attacker to block authentication and onboarding functions by triggering account deletion while a device identifier is linked to the active session. The platform incorrectly associates the...
CVE-2026-53982
Capgo Console before 12.28.2 contains a denial‑of‑service vulnerability in the account deletion flow. Triggering account deletion while a device identifier is linked to the active session ties the deletion state to that device, causing the affected device or browser to be redirected to an account...
MINI-723V-XWJJ-XP2X
Bulletin has no description...
PT-2026-48935
Name of the Vulnerable Software and Affected Versions Capgo Console versions prior to 12.28.2 Description A denial-of-service issue exists in the account deletion flow. An attacker can block authentication and onboarding functions by triggering account deletion while a device identifier is linked...
MINI-GW53-96J3-R3JJ
Bulletin has no description...
MINI-CM29-V9R7-6GM5
Bulletin has no description...
MINI-C727-X8M9-2XCP
Bulletin has no description...
MINI-MQ9J-V6JH-F42H
Bulletin has no description...
MINI-VHF4-RVPM-7RMR
Bulletin has no description...
MINI-Q24V-XVMM-RCWG
Bulletin has no description...