CVE-2025-47399 Buffer Copy Without Checking Size of Input in Camera

Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters...

CVE-2025-47399

Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters...

EUVD-2025-206611

Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters...

CVE-2025-47399

CVE-2025-47399 describes memory corruption occurring when processing an IOCTL to update sensor property settings with invalid input parameters. The CVE is linked to Qualcomm-reported data with a CVSS v3.1 base score of 7.8 (HIGH) and a LOCAL attack vector, requiring LOW privileges and no user int...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets. These vulnerabilities arise when processing IOCTL calls with invalid input parameters to update sensor property settings, which may lead to...

PT-2026-5677

Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters...

CVE-2026-1419

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

CVE-2026-1419

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

CVE-2026-1419

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

CVE-2026-1419 D-Link DCS700l Web Form setDayNightMode command injection

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

PT-2026-4722

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

D-Link DCS700l command injection vulnerability

The D-Link DCS700l is a wireless cloud network camera from D-Link Corporation. The D-Link DCS700l version 1.03.09 has a command injection vulnerability. This vulnerability stems from incorrect operations on the parameter “LightSensorControl” in the file /setDayNightMode, which may lead to command...

A PUF-Based Security Framework for Fault and Intrusion Detection

Industrial Control Systems ICS rely on sensor feedback to keep safety-critical processes within operational limits. This research presents a hardware-root-of-trust that embeds a Physically Unclonable Function PUF at the measurement layer to authenticate sensor readings. The architecture combines...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38142)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38142 advisory. - In the Linux kernel, the following vulnerability has been resolved: hwmon: asus-ec-sensors check sensor inde...

[SECURITY] Fedora 43 Update: gpsd-3.26.1-6.fc43

gpsd is a service daemon that mediates access to a GPS sensor connected to the host computer by serial or USB interface, making its data on the location/course/velocity of the sensor available to be queried on TCP port 2947 of the host computer. With gpsd, multiple GPS client applications such as...

CVE-2025-65553

D3D Wi-Fi Home Security System ZX-G12 v2.1.17 is susceptible to RF jamming on the 433 MHz alarm sensor channel. An attacker within RF range can transmit continuous interference to block sensor transmissions, resulting in missed alarms and loss of security monitoring. The device lacks jamming...

CVE-2025-65552

D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on the 433 MHz sensor communication channel. The system does not implement rolling codes, message authentication, or anti-replay protection, allowing an attacker within RF range to record valid alarm/control frames an...

MiracleLinux 9 : webkit2gtk3-2.50.1-1.el9_7 (AXSA:2025-11496:19)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11496:19 advisory. webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43272 webkitgtk: Processing maliciously craft...

MiracleLinux 8 : webkit2gtk3-2.50.0-1.el8_10.ML.1 (AXSA:2025-10960:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10960:16 advisory. webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43272 webkitgtk: Processing maliciously craft...

MiracleLinux 9 : webkit2gtk3-2.50.1-0.el9_6 (AXSA:2025-11002:18)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11002:18 advisory. webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43272 webkitgtk: Processing maliciously craft...