1845 matches found
ROS-20260403-73-0037
A vulnerability in the doregisterframebuffer function of the fbdev/core/fbmem.c component of the Linux kernel is related to writing outside the buffer boundaries. Exploitation of the vulnerability allows an attacker to violate the integrity and availability of protected information...
CVE-2026-2273
CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...
The vulnerability of the loop_queue_rq() function in the drivers/block/loop.c module of the Linux kernel’s block devices driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the loopqueuerq function in the drivers/block/loop.c module of the Linux kernel’s block devices driver is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
ROS-20260324-73-0010
A vulnerability in the f2fs component of the Linux operating system kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability allows an attacker to affect confidentiality, integrity and availability of protected information...
ROS-20260324-73-0015
A vulnerability in the ipv6 component of the Linux operating system kernel is associated with the execution of a loop with an inaccessible exit condition. Exploitation of the vulnerability allows an attacker to affect confidentiality, integrity and availability of protected information...
ROS-20260320-73-0013
A vulnerability in the Golang programming language is related to errors in the certificate authentication procedure. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information...
ROS-20260317-73-0030
A vulnerability in the net/xfrm component of the Linux operating system kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability allows an intruder to affect confidentiality, integrity and availability of protected information...
ROS-20260313-73-0016
A vulnerability in the dell-wmi-sysman component of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information...
EUVD-2026-10572
CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...
CVE-2026-27685
SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentiality, integrity, and availability of the host system...
CVE-2026-2273
CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...
CVE-2026-24309 Missing Authorization check in SAP NetWeaver Application Server for ABAP
Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced...
The vulnerability of the i40e_validate_cloud_filter() function in the drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c file of the Intel Ethernet network adapter driver for the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the i40evalidatecloudfilter function in the drivers/net/ethernet/intel/i40e/i40evirtchnlpf.c file of the Intel Ethernet network adapter driver for the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacke...
EUVD-2025-208431
A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution RCE when the router is configured with sysmode=ap. Successful exploitation results in root-level...
Unity Linux 20.1070e Security Update: xorg-x11-server (UTSA-2026-005925)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005925 advisory. A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The...
The vulnerability of Moxa industrial computers lies in the insufficient protection of registration data, which allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of Moxa industrial computers lies in the insufficient protection of registration data. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the tcp_disconnect() function in the net/ipv4/tcp.c module of the Linux operating system’s IPv4 protocol implementation allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the tcpdisconnect function in the net/ipv4/tcp.c module of the Linux kernel’s IPv4 protocol implementation is related to improper release of resources. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
CVE-2026-25963
Fleet is open source device management software. In versions prior to 4.80.1, a broken authorization check in Fleet’s certificate template deletion API could allow a team administrator to delete certificate templates belonging to other teams within the same Fleet instance. Fleet supports...
CVE-2024-36319
Debug code left active in AMD's Video Decoder Engine Firmware VCN FW could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system...
CVE-2023-31324
A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to modify External Global Memory Interconnect Trusted Agent XGMI TA commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability...