6175 matches found
PT-2026-5970
Name of the Vulnerable Software and Affected Versions ORICO NAS CD3510 versions V1.9.12 and below Description The ORICO NAS CD3510 is affected by an Incorrect Symlink Follow issue. This allows attackers to potentially leak or modify the internal file system. An attacker can format a USB drive to...
CVE-2025-69429
The ORICO NAS CD3510 version V1.9.12 and below contains an Incorrect Symlink Follow vulnerability that could be exploited by attackers to leak or tamper with the internal file system. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the...
CVE-2022-50976
A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB...
EUVD-2022-55956
An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus RS485...
CVE-2022-50976 Innomic VibroLine Configurator and avibia Configurator allow unintended device reset via USB
A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB...
CVE-2022-50976 Innomic VibroLine Configurator and avibia Configurator allow unintended device reset via USB
A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB...
CVE-2022-50976
A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB...
EUVD-2022-55953
A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB...
CVE-2026-23021
A flaw was found in the Linux kernel's net: usb: pegasus module. A local attacker with low privileges could exploit this vulnerability when the usbsubmiturb function fails during asynchronous writes to device registers. This can lead to a memory leak, potentially causing a Denial of Service DoS d...
kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing
A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...
Innomic VibroLine Series 安全漏洞
The Innomic VibroLine Series is a professional vibration measurement and analysis system developed by the German company Innomic. The Innomic VibroLine Series has a security vulnerability: local attackers can reset the device’s password using an invalid reset file via USB, resulting in the comple...
Innomic VibroLine Series 访问控制错误漏洞
The Innomic VibroLine Series is a professional vibration measurement and analysis system developed by the German company Innomic. The Innomic VibroLine Series has a security access control vulnerability; this vulnerability arises from unverified neighboring attackers who can potentially switch...
PT-2026-5663
A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB...
SUSE CVE-2026-23021
In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: fix memory leak in updateethregsasync When asynchronously writing to the device registers and if usbsubmiturb fail, the code fail to release allocated to this point resources...
SUSE CVE-2026-23039
In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drmatomichelperdisableall is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every displ...
CVE-2026-23021
In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: fix memory leak in updateethregsasync When asynchronously writing to the device registers and if usbsubmiturb fail, the code fail to release allocated to this point resources...
CVE-2026-23039
In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drmatomichelperdisableall is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every displ...
UBUNTU-CVE-2026-23039
In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drmatomichelperdisableall is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every displ...
CVE-2026-23039 drm/gud: fix NULL fb and crtc dereferences on USB disconnect
In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drmatomichelperdisableall is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every displ...
CVE-2026-23039
The CVE-2026-23039 issue affects the Linux kernel DRM Gud (drm/gud) code path. On USB disconnect, drm_atomic_helper_disable_all() clears plane fb and crtc by setting them to NULL before a commit, which can trigger a kernel oops. The fix implements guards to prevent NULL dereferences when accessin...