CVE-2025-15083

A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown function of the component UART Interface. Executing manipulation can lead to on-chip debug and test interface with improper access control. The physical device can be targeted for the attack. Attacks o...

spi: tegra210-quad: Fix timeout handling

...

TOZED ZLT M30S 安全漏洞

TOZED ZLT M30S is a mobile WiFi router from China's Tongze Kangwei TOZED. A security vulnerability exists in TOZED ZLT M30S version 1.47 and earlier, which stems from the presence of an improperly access-controlled on-chip debug and test interface in the UART Interface component, which could lead...

PT-2025-53406

Name of the Vulnerable Software and Affected Versions TOZED ZLT M30s versions up to 1.47 Description A flaw exists in TOZED ZLT M30s up to version 1.47 related to the UART Interface component. Manipulation of an unknown function within this component can lead to improper access control to the...

UBUNTU-CVE-2025-68746

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Fix timeout handling When the CPU that the QSPI interrupt handler runs on typically CPU 0 is excessively busy, it can lead to rare cases of the IRQ thread not running before the transfer timeout is reached...

CVE-2022-50750 drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure

In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure In case mipidsiattach fails, call drmpanelremove to avoid memory leak...

PT-2025-53116

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s drm/panel/panel-sitronix-st7701 module. Specifically, if the mipi dsi attach function fails, the drm panel remove function is not called, leading to a...

EUVD-2025-202620

The firmware on the basestation of the Meatmeet is not encrypted. An adversary with physical access to the Meatmeet device can disassemble the device, connect over UART, and retrieve the firmware dump for analysis. Within the NVS partition they may discover the credentials of the current and...

PT-2025-50500

Name of the Vulnerable Software and Affected Versions Meatmeet affected versions not specified Description The firmware on the Meatmeet basestation is not encrypted. An attacker with physical access can retrieve the firmware dump via UART, potentially discovering credentials for current and...

CVE-2025-65825

The CVE-2025-65825 entry affects Meatmeet basestation firmware where the firmware image is not encrypted. The root cause is unencrypted firmware dumping via UART after physical access, enabling an attacker to extract the firmware and access credentials stored in the NVS partition for current and ...

PT-2025-49049

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc1+ 30 Description The Linux kernel contains a flaw in the serial handling code for the SH-SCI SuperH Serial Communication Interface. Specifically, the receive error handling code incorrectly manages FIFO...

spi: fsi: Implement a timeout for polling status

...

EUVD-2025-35065

In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: Fix dereference before NULL check In 'stm32csistart', 'csidev-ssubdev' is dereferenced directly while assigning a value to the 'srcpad'. However the same value is being checked against NULL at a later point of...

EUVD-2025-33909

A weakness has been identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is some unknown functionality of the component UART Interface. Executing manipulation can lead to insecure storage of sensitive information. The physical device can be targeted for the attack. This attack i...

CVE-2025-11644

A weakness has been identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is some unknown functionality of the component UART Interface. Executing manipulation can lead to insecure storage of sensitive information. The physical device can be targeted for the attack. This attack i...

CVE-2025-11644

Tomofun Furbo 360 and Furbo Mini expose a UART Interface weakness that can lead to insecure storage of sensitive information. The flaw affects Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074, requiring physical access to the device and described as high complexity to exploit, wit...

CVE-2025-11644 Tomofun Furbo 360/Furbo Mini UART sensitive information

A weakness has been identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is some unknown functionality of the component UART Interface. Executing manipulation can lead to insecure storage of sensitive information. The physical device can be targeted for the attack. This attack i...

EUVD-2025-33897

A security flaw has been discovered in Tomofun Furbo 360 and Furbo Mini. This affects an unknown part of the component UART Interface. The manipulation results in information disclosure. An attack on the physical device is feasible. The firmware versions determined to be affected are Furbo 360 up...

CVE-2025-11634

A security flaw has been discovered in Tomofun Furbo 360 and Furbo Mini. This affects an unknown part of the component UART Interface. The manipulation results in information disclosure. An attack on the physical device is feasible. The exploit has been released to the public and may be exploited...

Tomofun Furbo 360和Tomofun Furbo Mini 安全漏洞

Tomofun Furbo 360 and Tomofun Furbo Mini are both smart pet cameras from Tomofun, a company based in Taiwan, China. A security vulnerability exists in Tomofun Furbo 360 FB0035FW036 and earlier versions and Tomofun Furbo Mini MC0020FW074 and earlier versions, which stems from an insecure storage o...