You’d be surprised to know what devices are still using Windows CE

Windows CE -- an operating system that, despite being out for 27 years, never had an official explanation for why it was called "CE" -- finally reached its official end-of-life period this week. This was Microsofts first operating system for embedded and pocket devices, making an appearance on...

The vulnerability of Android and Linux operating systems in Qualcomm embedded devices, related to the execution of operations outside of the buffer in memory, allows attackers to trigger system failures.

The vulnerability of Android and Linux operating systems in Qualcomm embedded devices lies in the fact that operations are performed outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to trigger a service failure by sending specially crafted DRM requests...

SUSE CVE-2006-1206

Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux devices and on general-purpose operating systems, allows remote attackers to cause a denial of service connection slot exhaustion via a large number of connection attempts that exceeds the MAXUNAUTHCLIENTS defined value...

The vulnerability of the qsee journaling mechanism in microprogramming software for embedded Qualcomm devices allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the qsee journaling mechanism in microprogrammed software for embedded Qualcomm devices stems from the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity, and...

PT-2022-27417 · Nxp · Nxp Vybrid +10

Name of the Vulnerable Software and Affected Versions: NXP i.MX RT 1010 NXP i.MX RT 1015 NXP i.MX RT 1020 NXP i.MX RT 1050 NXP i.MX RT 1060 NXP i.MX 6 Family NXP i.MX 7Dual/Solo NXP i.MX 7ULP NXP i.MX 8M Quad NXP i.MX 8M Mini NXP Vybrid Description: An information-disclosure issue exists on selec...

Perth Dropbear 授权问题漏洞

Perth Dropbear is a lightweight SSH server/client software from the University of Perth, Australia that is primarily used in embedded devices. A security vulnerability exists in Perth Dropbear version 2020.81 and earlier, which stems from a non-RFC compatibility check of the authentication method...

Design/Logic Flaw

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

Vulnerability Spotlight: Vulnerabilities in popular library affect Unix-based devices

Lilith of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered a memory corruption vulnerability in the uClibC library that could affect any Unix-based devices that use this library. uClibC and uClibC-ng are lightweight replacements for the popular gLibc library, which is...

One of 5G’s Biggest Features Is a Security Minefield

New research found troubling vulnerabilities in the 5G platforms carriers offer to wrangle embedded device data...

Microsoft Azure Real Time Operating System 代码注入漏洞

Microsoft Azure Real Time Operating System Azure RTOS is an embedded development kit from Microsoft Corporation USA that includes a small but powerful operating system that delivers reliable, ultra-fast performance for resource-constrained devices. A code injection vulnerability exists in Microso...

Microsoft Azure Real Time Operating System 安全漏洞

Microsoft Azure Real Time Operating System Azure RTOS is an embedded development kit from Microsoft Corporation USA that includes a small but powerful operating system that delivers reliable, ultra-fast performance for resource-constrained devices. A security vulnerability exists in the Microsoft...

Unpatched Critical Flaws Disclosed in U-Boot Bootloader for Embedded Devices

Cybersecurity researchers have disclosed two unpatched security vulnerabilities in the open-source U-Boot boot loader. The issues, which were uncovered in the IP defragmentation algorithm implemented in U-Boot by NCC Group, could be abused to achieve arbitrary out-of-bounds write and...

[SECURITY] [DLA 2915-1] connman security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2915-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 09, 2022 https://wiki.debian.org/LTS -...

Cesanta MJS 安全漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are a small footprint and simple C/C++ interoperability. A security vulnerability exists in Cesanta MJS v2.20.0 that could lead to a Denia...

Oracle Java SE Input Validation Error Vulnerability (CNVD-2022-15489)

Oracle Java SE is an Oracle Corporation USA product for developing and deploying Java applications on desktops, servers, and embedded devices and in real-time environments.Oracle Java SE is vulnerable to an input validation error that could be exploited by an attacker to potentially cause an...

Oracle Java SE Input Validation Error Vulnerability (CNVD-2022-15483)

Oracle Java SE, an Oracle company, is used to develop and deploy Java applications on desktops, servers, and embedded devices and in real-time environments.Oracle Java SE is vulnerable to an input validation error that could be exploited by an attacker to cause unauthorized read access to a subse...

A Log4j Retrospective Part 2: Data Exfiltration and Remote Code Execution Exploits

Akamai CTO Charlie Gero shows how the Log4j threat surface could extend to unpatchable embedded and IoT devices...

OpenWrt Cross-Site Scripting Vulnerability (CNVD-2022-00601)

OpenWrt, a Linux operating system for embedded devices, is vulnerable to a cross-site scripting vulnerability in version 21.02.1, which stems from a lack of effective filtering and escaping of user-submitted parameters in the Port Forwards Add Name screen. No detailed vulnerability details are...

OpenWrt Cross-Site Scripting Vulnerability (CNVD-2022-00600)

OpenWrt, a Linux operating system for embedded devices, is vulnerable to a cross-site scripting vulnerability in OpenWrt version 21.02.1, which stems from the lack of effective filtering and escaping of user-submitted parameters in the Traffic Rules Name screen. No detailed vulnerability details...

OpenWrt Cross-Site Scripting Vulnerability (CNVD-2022-00602)

OpenWrt, a Linux operating system for embedded devices, is vulnerable to a cross-site scripting vulnerability in OpenWrt version 21.02.1, which stems from the lack of effective filtering and escaping of user-submitted parameters in the NAT Rules Name screen. No detailed vulnerability details are...