95 matches found
CVE-2025-8627
The TP-Link KP303 Smartplug can be issued unauthenticated protocol commands that may cause unintended power-off condition and potential information leak. This issue affects TP-Link KP303 US Smartplug: before 1.1.0...
CVE-2025-8627
The TP-Link KP303 Smartplug can be issued unauthenticated protocol commands that may cause unintended power-off condition and potential information leak. This issue affects TP-Link KP303 US Smartplug: before 1.1.0...
CVE-2025-8627 Unauthenticated Protocol Commands on TP-Link KP303
The TP-Link KP303 Smartplug can be issued unauthenticated protocol commands that may cause unintended power-off condition and potential information leak. This issue affects TP-Link KP303 US Smartplug: before 1.1.0...
CVE-2025-8627 Unauthenticated Protocol Commands on TP-Link KP303
The TP-Link KP303 Smartplug can be issued unauthenticated protocol commands that may cause unintended power-off condition and potential information leak. This issue affects TP-Link KP303 US Smartplug: before 1.1.0...
CVE-2025-8627
The CVE-2025-8627 entry describes a vulnerability in TP-Link KP303 Smartplug (US) prior to version 1.1.0 where unauthenticated protocol commands can be issued to cause an unintended power-off condition and potential information leak. The issue affects the KP303 (US) Smartplug before 1.1.0. The CV...
PT-2025-34709
Name of the Vulnerable Software and Affected Versions: TP-Link KP303 Smartplug versions prior to 1.1.0 Description: The TP-Link KP303 Smartplug is susceptible to unauthenticated protocol commands that can lead to an unintended power-off condition and potential information leak. Recommendations:...
kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()
In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove The system can experience a random crash a few minutes after the driver is removed. This issue occurs due to improper handling of memory freeing in the ishtphidremove...
CVE-2025-21004
Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device...
CVE-2025-21004
Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device...
CVE-2025-21004
Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device...
CVE-2025-21004
Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device...
CVE-2024-52876
Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before 1.1.8, allows unauthenticated "remote power off" actions in broadcast mode via multiple read operations on the ASTM Remote ID 0xFFFA GATT...
CVE-2024-32899
In gpupmpowerofftopnolock of pixelgpupower.c, there is a possible compromise of protected memory due to a race condition. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-37946 s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs
In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix duplicate pcidevput in disableslot when PF has child VFs With commit bcb5d6c76903 "s390/pci: introduce lock to synchronize state of zpcidev's" the code to ignore power off of a PF that has child VFs was changed from...
CVE-2024-52876
Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before 1.1.8, allows unauthenticated "remote power off" actions in broadcast mode via multiple read operations on the ASTM Remote ID 0xFFFA GATT...
CVE-2024-52876
Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before 1.1.8, allows unauthenticated "remote power off" actions in broadcast mode via multiple read operations on the ASTM Remote ID 0xFFFA GATT...
CVE-2024-52876
Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before 1.1.8, allows unauthenticated "remote power off" actions in broadcast mode via multiple read operations on the ASTM Remote ID 0xFFFA GATT...
CVE-2024-52876
The CVE-2024-52876 entry pertains to Holy Stone Remote ID Module HSRID01 (firmware distributed with Drone Go2 before version 1.1.8). The issue allows unauthenticated remote power-off actions in broadcast mode via multiple read operations on the ASTM Remote ID (0xFFFA) GATT. Affected firmware vers...
PT-2024-35473 · Holy Stone · Holy Stone Remote Id Module Hsrid01 +1
Name of the Vulnerable Software and Affected Versions: Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before version 1.1.8 Description: The issue allows unauthenticated "remote power off" actions in broadcast mode via multiple read operations on th...
SUSE CVE-2024-47717
In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: Don't zero-out PMU snapshot area before freeing data With the latest Linux-6.11-rc3, the below NULL pointer crash is observed when SBI PMU snapshot is enabled for the guest and the guest is forcefully powered-off...