14 matches found
CVE-2026-28701 Daktronics Controller Firmware Path Traversal
Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005145)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005145 advisory. In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructe...
AZL-77319 CVE-2025-71152 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description ------------------- DSA has a mumbo-jumbo of reference handling of the conduit net device and its kobject which, sadly, is just wrong and doesn't make sense...
CVE-2025-71152 net: dsa: properly keep track of conduit reference
In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description ------------------- DSA has a mumbo-jumbo of reference handling of the conduit net device and its kobject which, sadly, is just wrong and doesn't make sense...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-387199)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-387199 advisory. In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructe...
SUSE SLES15: kubevirt-container-disk / kubevirt-manifests / etc (SUSE-SU-2025:0215-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0215-1 advisory. Update to version 1.4.0 - Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.4.0 - Enable aarch64 build for SL...
SUSE-SU-2025:0215-1 Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container
This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Update ...
CLSA-2025-1736783731 kernel: Fix of 10 CVEs
media: edia: dvbdev: fix a use-after-free CVE-2024-27043 - vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans CVE-2024-50264 - net/sched: stop qdisctreereducebacklog on TCHROOT CVE-2024-53057 - bpf: Fix out-of-bounds write in triegetnextkey CVE-2024-50262 - KVM: nSVM:...
CLSA-2024-1731430561 kernel: Fix of 31 CVEs
driver core: bus: Fix double free in driver API busregister CVE-2024-50055 - net: tun: Fix use-after-free in tundetach CVE-2022-49014 - memcg: fix possible use-after-free in memcgwriteeventcontrol CVE-2022-48988 - ppp: fix pppasyncencode illegal access CVE-2024-50035 - drivers: media:...
SUSE-SU-2024:0441-1 Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container
This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Update ...
CVE-2022-34762
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 an...
CVE-2020-25366
An issue in the component /cgi-bin/uploadfirmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service DoS via unspecified vectors...
Unspecified Vulnerability in Intelbras WRN240
Intelbras WRN240 is a wireless router from Intelbras Poland. A security vulnerability exists in the Intelbras WRN240 that stems from the program not authenticating firmware substitutions. An attacker can exploit the vulnerability by sending a POST request to the incoming/Firmware.cfg URI to repla...
Wireless IP Camera (P2P) WIFICAM Sensitive Information Disclosure Vulnerability (CNVD-2017-06906)
Wireless IP Camera P2P WIFICAM is a remote IP camera. A security vulnerability exists in the Wireless IP Camera P2P WIFICAM device that originates from the storage of the 'Apple Production IOS Push Services' RSA key and certificate in /system/www/pem/ck.pem in the firmware. RSA key and certificat...