71 matches found
EUVD-2026-31538
A vulnerability was found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGReset Message Handler. Performing a manipulation results in memory corruption. The attack is possible to be carried out remotely. The exploit has been made public and could be use...
EUVD-2025-209901
Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the resethandler parameter during firmware flashing. An attacker can provide a crafted resethandler address pointing to invalid memory or...
CVE-2025-15645
Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the resethandler parameter during firmware flashing. An attacker can provide a crafted resethandler address pointing to invalid memory or...
CVE-2025-15645 Ledger Nano X, Flex, Stax MCU Firmware Update Denial of Service
Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the resethandler parameter during firmware flashing. An attacker can provide a crafted resethandler address pointing to invalid memory or...
CVE-2025-15645
Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the resethandler parameter during firmware flashing. An attacker can provide a crafted resethandler address pointing to invalid memory or...
CVE-2025-15645
The CVE-2025-15645 affects Ledger Nano X, Flex, and Stax MCU firmware updater. The vulnerability is a denial-of-service in the MCU firmware update process caused by missing validation of the reset_handler parameter during firmware flashing. An attacker could supply a crafted reset_handler address...
CVE-2025-15645 Ledger Nano X, Flex, Stax MCU Firmware Update Denial of Service
Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the resethandler parameter during firmware flashing. An attacker can provide a crafted resethandler address pointing to invalid memory or...
PT-2026-42020
Name of the Vulnerable Software and Affected Versions Ledger Nano X affected versions not specified Ledger Flex affected versions not specified Ledger Stax affected versions not specified Description A denial of service issue exists in the MCU firmware update process. The flaw is caused by missin...
Ledger多款产品 安全漏洞
The Ledger Nano X, among others, are products of the French company Ledger. The Ledger Nano X is a hardware wallet for cryptocurrency assets. The Ledger Flex is a touch-screen hardware wallet for cryptocurrency assets. The Ledger Stax is a curved electronic ink-screen hardware wallet for...
CVE-2026-43054
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Drain commands in targetreset handler tcmlooptargetreset violates the SCSI EH contract: it returns SUCCESS without draining any in-flight commands. The SCSI EH documentation scsieh.rst requires that when a...
EUVD-2026-20928
A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The...
CVE-2026-5959
A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The...
CVE-2026-5959 GL.iNet GL-RM1/GL-RM10/GL-RM10RC/GL-RM1PE Factory Reset improper authentication
A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The...
CVE-2026-5959
A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The...
GL.iNet GL-RM 授权问题漏洞
GL.iNet GL-RM is a series of embedded IoT remote management and communication modules developed by GL.iNet Corporation. There are authorization-related vulnerabilities in GL.iNet GL-RM. These vulnerabilities stem from issues with the Factory Reset Handler component, where improper authentication...
PT-2026-31635
A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The...
CVE-2026-1935
The Company Posts for LinkedIn plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.0. This is due to a missing capability check on the linkedincompanypostresethandler function hooked to adminpostresetlinkedincompanypost. This makes it possible for...
CVE-2026-1935 Company Posts for LinkedIn <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary LinkedIn Post Data Deletion
The Company Posts for LinkedIn plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.0. This is due to a missing capability check on the linkedincompanypostresethandler function hooked to adminpostresetlinkedincompanypost. This makes it possible for...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001464)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001464 advisory. In ufshcdehdeviceresethandler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with...
CVE-2024-2277
A vulnerability was found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Setting/changepasswordsave of the component Password Reset Handler. The manipulation leads to cross-site...