Bosch Security Systems IP Cameras NXP Chip Side-Channel Key Extraction (CVE-2021-3011)

Several Bosch IP cameras are built on a hardware platform that uses an NXP SmartMX/P5x secure element affected by an electromagnetic-wave side-channel vulnerability. An attacker with extended physical access to the device could recover the ECDSA private key and clone the device. The issue resides...

CVE-2025-4386 Medtronic MyCareLink Patient Monitor Hardware Debug Port

Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to access a login prompt via a UART terminal.​...

CVE-2026-20709

Use of Default Cryptographic Key in the hardware for some IntelR PentiumR Processor Silver Series, IntelR CeleronR Processor J Series, IntelR CeleronR Processor N Series may allow an escalation of privilege. Hardware reverse engineer adversary with a privileged user combined with a high complexit...

CVE-2026-20709

Use of Default Cryptographic Key in the hardware for some IntelR PentiumR Processor Silver Series, IntelR CeleronR Processor J Series, IntelR CeleronR Processor N Series may allow an escalation of privilege. Hardware reverse engineer adversary with a privileged user combined with a high complexit...

SecureRAG-RTL: A Retrieval-Augmented, Multi-Agent, Zero-Shot LLM-Driven Framework for Hardware Vulnerability Detection

Large language models LLMs have shown remarkable capabilities in natural language processing tasks, yet their application in hardware security verification remains limited due to scarcity of publicly available hardware description language HDL datasets. This knowledge gap constrains LLM performan...

New StackWarp Hardware Flaw Breaks AMD SEV-SNP Protections on Zen 1–5 CPUs

A team of academics from the CISPA Helmholtz Center for Information Security in Germany has disclosed the details of a new hardware vulnerability affecting AMD processors. The security flaw, codenamed StackWarp , can allow bad actors with privileged control over a host server to run malicious cod...

CVE-2018-9391

In updategpssv and outputvzwdebug of vendor/mediatek/proprietary/hardware/connectivity/gps/gpshal/src/gpshalwor ker.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction ...

EUVD-2025-199626

NVIDIA DGX Spark GB10 contains a vulnerability in hardware resources where an attacker could tamper with hardware controls. A successful exploit of this vulnerability might lead to information disclosure, data tampering, or denial of service...

Missing Linux Kernel mitigations for 'VMScape' hardware vulnerability

The remote host is missing one or more known mitigations on Linux Kernel side for the referenced SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

CVE-2025-58153 BIG-IP HSB vulnerability

Under undisclosed traffic conditions along with conditions beyond the attacker's control, hardware systems with a High-Speed Bridge HSB may experience a lockup of the HSB. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

PT-2025-42339

Name of the Vulnerable Software and Affected Versions Versions affected versions not specified Description Hardware systems with a High-Speed Bridge HSB may experience a lockup of the HSB under undisclosed traffic conditions and conditions beyond the attacker's control. Software versions that hav...

EUVD-2020-16336

Malware in sbrugna...

EUVD-2019-5787

Malware in sbrugna...

EUVD-2020-30111

Malware in sbrugna...

EUVD-2018-2304

Malware in sbrugna...

EUVD-2018-13683

Malware in sbrugna...

EUVD-2024-35859

Malicious code in bioql PyPI...

EUVD-2022-15510

Malicious code in bioql PyPI...

CVE-2025-41713 WAGO: Vulnerability in hardware switch circuit

During a short time frame while the device is booting an unauthenticated remote attacker can send traffic to unauthorized networks due to the switch operating in an undefined state until a CPU-induced reset allows proper configuration...

eCharge Hardy Barth Salia PLCC 代码问题漏洞

The eCharge Hardy Barth Salia PLCC is a charging post controller from eCharge Germany. A code issue vulnerability exists in eCharge Hardy Barth Salia PLCC version 2.2.0, which stems from incorrect manipulation of the parameter setrfidlist in file/api.php, which could lead to arbitrary file upload...