CVE-2026-30603

CVE-2026-30603 concerns the firmware update mechanism of the Qianniao QN-L23PA0904 (version v20250721.1640). The available documents state that an attacker can achieve root access, install backdoors, and exfiltrate data by providing a crafted iu.sh script via an SD card. The connected sources do ...

Qianniao QN-L23PA0904 安全漏洞

Qianniao QN-L23PA0904 is a laptop power adapter produced by Qianniao Corporation. The version v20250721.1640 of Qianniao QN-L23PA0904 contains a security vulnerability. This vulnerability stems from issues with the firmware update mechanism. Attackers can obtain root access, install backdoors, an...

CVE-2025-65397

The CVE-2025-65397 entry concerns Blurams Flare Camera versions prior to 24.1114.151.929. A vulnerability in the safe_exec.sh startup script allows an attacker with physical access to execute arbitrary commands with root privileges when the file /opt/images/public_key.der is absent and a maliciou...

CVE-2025-64305

MicroServer copies parts of the system firmware to an unencrypted external SD card on boot, which contains user and vendor secrets. An attacker can utilize these plaintext secrets to modify the vendor firmware, or gain admin access to the web portal...

EUVD-2025-199013

An issue in Blurams Lumi Security Camera A31C v23.1227.472.2926 allows local physical attackers to execute arbitrary code via overriding the bootloader on the SD card...

CVE-2025-63674

The CVE-2025-63674 entry concerns Blurams Lumi Security Camera (A31C) version 23.1227.472.2926. The documented vulnerability arises from an SD-card bootloader that can be overridden, enabling a local physical attacker to execute arbitrary code on the device. The impact, as stated, includes potent...

CVE-2025-63674

An issue in Blurams Lumi Security Camera A31C v23.1227.472.2926 allows local physical attackers to execute arbitrary code via overriding the bootloader on the SD card...

CVE-2025-55810

CVE-2025-55810 affects the Alaga Home Security WiFi Camera 3K, model S-CW2503C-H, with hardware version V03 and firmware 1.4.2. The documented vulnerability allows a physical attacker to execute commands as root by placing a script file with a specific name on an SD card inserted into the device....

CVE-2025-56438

An issue in the firmware update mechanism of Nous W3 Smart WiFi Camera v1.33.50.82 allows unauthenticated and physically proximate attackers to escalate privileges to root via supplying a crafted update.tar archive file stored on a FAT32-formatted SD card...

PT-2025-43637

Name of the Vulnerable Software and Affected Versions Nous W3 Smart WiFi Camera version 1.33.50.82 Description A flaw exists in the firmware update process of the Nous W3 Smart WiFi Camera. An attacker in close physical proximity, without needing to authenticate, can gain root access by providing...

Android Not Reading SD Card? Here’s How to Fix it

As we all know, the SD card usually stores your multimedia and important mobile files. When Android suddenly…...

Maka GPS Marbella KR8s 安全漏洞

Maka GPS Marbella KR8s is a car recorder from Maka GPS Singapore. A security vulnerability exists in Maka GPS Marbella KR8s version 2.0.8, which originates from a password written in clear text to the SD card...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from various issues in the mmc driver due to increasing maxreqsize, including a kernel crash when booting from an...

kernel: drivers/usb/storage/ene_ub6250.c

An out-of-bounds memory access flaw was found in the Linux kernel ENE SD/MS Card reader driver. This issue occurs when using a malicious USB device, which could allow a local user to crash the system...

CVE-2023-43776

Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure connection and prevent unauthorized access. It was observed that the device password was stored with a weak encoding algorithm in the easyE4 program file when exported to SD card .PRG file ending...

CVE-2023-35699

Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card...

CVE-2023-35699

Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card...

CVE-2022-36443

An issue was discovered in Zebra Enterprise Home Screen 4.1.19. The device allows the administrator to lock some communication channels wireless and SD card but it is still possible to use a physical connection Ethernet cable without restriction...

DEBIAN-CVE-2022-20008

In mmcblkreadsingle of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for...

IDEC PLC 安全漏洞

The IDEC PLC is a programmable controller. A security vulnerability exists in the IDEC PLC that can be exploited by an attacker to obtain user credentials from a file server, a backup repository, or a ZLD file saved on an SD card...