Lucene search
K

14 matches found

Cvelist
Cvelist
added 2026/06/26 10:40 p.m.33 views

CVE-2026-28701 Daktronics Controller Firmware Path Traversal

Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...

9.8CVSS0.00839EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005145)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005145 advisory. In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructe...

7.8CVSS6.3AI score0.00286EPSS
Exploits0References3
OSV
OSV
added 2026/01/23 3:16 p.m.5 views

AZL-77319 CVE-2025-71152 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description ------------------- DSA has a mumbo-jumbo of reference handling of the conduit net device and its kobject which, sadly, is just wrong and doesn't make sense...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/23 2:25 p.m.27 views

CVE-2025-71152 net: dsa: properly keep track of conduit reference

In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description ------------------- DSA has a mumbo-jumbo of reference handling of the conduit net device and its kobject which, sadly, is just wrong and doesn't make sense...

0.0012EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-387199)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-387199 advisory. In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructe...

7.8CVSS6.4AI score0.00286EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/01/23 12:0 a.m.2 views

SUSE SLES15: kubevirt-container-disk / kubevirt-manifests / etc (SUSE-SU-2025:0215-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0215-1 advisory. Update to version 1.4.0 - Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.4.0 - Enable aarch64 build for SL...

5.9AI score
Exploits0References2
OSV
OSV
added 2025/01/22 2:52 a.m.2 views

SUSE-SU-2025:0215-1 Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Update ...

7.3AI score
Exploits0References2
OSV
OSV
added 2025/01/13 3:55 p.m.8 views

CLSA-2025-1736783731 kernel: Fix of 10 CVEs

media: edia: dvbdev: fix a use-after-free CVE-2024-27043 - vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans CVE-2024-50264 - net/sched: stop qdisctreereducebacklog on TCHROOT CVE-2024-53057 - bpf: Fix out-of-bounds write in triegetnextkey CVE-2024-50262 - KVM: nSVM:...

7.8CVSS6.9AI score0.00352EPSS
Exploits1References1
OSV
OSV
added 2024/11/12 4:56 p.m.10 views

CLSA-2024-1731430561 kernel: Fix of 31 CVEs

driver core: bus: Fix double free in driver API busregister CVE-2024-50055 - net: tun: Fix use-after-free in tundetach CVE-2022-49014 - memcg: fix possible use-after-free in memcgwriteeventcontrol CVE-2022-48988 - ppp: fix pppasyncencode illegal access CVE-2024-50035 - drivers: media:...

9.1CVSS6.9AI score0.05524EPSS
Exploits5References1
OSV
OSV
added 2024/02/09 3:33 p.m.3 views

SUSE-SU-2024:0441-1 Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Update ...

7.3AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/12 11:0 a.m.2 views

CVE-2022-34762

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 an...

7.5CVSS5.9AI score0.00612EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/11/04 11:15 a.m.4 views

CVE-2020-25366

An issue in the component /cgi-bin/uploadfirmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service DoS via unspecified vectors...

9.1CVSS5.8AI score0.03306EPSS
Exploits1References3
CNVD
CNVD
added 2020/01/19 12:0 a.m.3 views

Unspecified Vulnerability in Intelbras WRN240

Intelbras WRN240 is a wireless router from Intelbras Poland. A security vulnerability exists in the Intelbras WRN240 that stems from the program not authenticating firmware substitutions. An attacker can exploit the vulnerability by sending a POST request to the incoming/Firmware.cfg URI to repla...

7.5CVSS6.9AI score0.0781EPSS
Exploits5References1
CNVD
CNVD
added 2017/04/27 12:0 a.m.9 views

Wireless IP Camera (P2P) WIFICAM Sensitive Information Disclosure Vulnerability (CNVD-2017-06906)

Wireless IP Camera P2P WIFICAM is a remote IP camera. A security vulnerability exists in the Wireless IP Camera P2P WIFICAM device that originates from the storage of the 'Apple Production IOS Push Services' RSA key and certificate in /system/www/pem/ck.pem in the firmware. RSA key and certificat...

7.5CVSS6.8AI score0.04223EPSS
Exploits3References1
Rows per page
Query Builder