DEBIAN-CVE-2023-53779

In the Linux kernel, the following vulnerability has been resolved: mfd: dln2: Fix memory leak in dln2probe When dln2setuprxurbs in dln2probe fails, error outfree forgets to call usbputdev to decrease the refcount of dln2-usbdev. Fix this by adding usbputdev in the error handling code of dln2prob...

UBUNTU-CVE-2022-50633

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix memory leak in dwc3qcominterconnectinit oficcget alloc resources for path handle, we should release it when not need anymore. Like the release in dwc3qcominterconnectexit function. Add iccput in error handlin...

CVE-2023-53785

The CVE-2023-53785 entry concerns the Linux kernel mt76/mt7921 SDIO path. The vulnerability arises when mt7921_usb_sdio_tx_prepare_skb() and mt7921_skb_add_usb_sdio_hdr() blindly assume sufficient headroom in an skb, which can trigger kernel panics if the skb originates from a receive path (e.g.,...

CVE-2023-53779

The CVE-2023-53779 entry concerns a Linux kernel memory-leak in the mfd: dln2 path. Specifically, in dln2_probe(), if dln2_setup_rx_urbs() fails, the error handling path previously failed to call usb_put_dev(), leaving the dln2->usb_dev refcount unreleased. The referenced fixes add usb_put_dev...

CVE-2023-53779

Removed by vendor...

PT-2025-50129

Name of the Vulnerable Software and Affected Versions Fortinet FortiWeb versions 8.0.0 through 8.0.1 Fortinet FortiWeb versions 7.6.0 through 7.6.5 Fortinet FortiWeb versions 7.4.0 through 7.4.10 Fortinet FortiWeb versions 7.2.0 through 7.2.11 Fortinet FortiWeb versions 7.0.0 through 7.0.11...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from usb-storage alauda not verifying the USB transfer state, which could lead to the use of uninitialized data...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a memory leak in samsungtty in the event of a s3c24xxserialgetclk error...

Schneider Electric PowerChute Serial Shutdown Directory Traversal Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Schneider Electric PowerChute Serial Shutdown. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the...

Siemens多款产品 安全漏洞

Siemens SIDOOR ATD430W and others are an automatic door drive system from Siemens, Germany. A security vulnerability exists in various Siemens products, which stems from insufficient TCP serial number validation and could lead to a denial-of-service attack. The following products are affected:...

Siemens SIMATIC CN 4100 访问控制错误漏洞

The Siemens SIMATIC CN 4100 is a communication node from Siemens, Germany. The Siemens SIMATIC CN 4100 suffers from an Access Control Error vulnerability that originates when the USB port allows an unauthenticated connection, which can be exploited by an attacker to cause a denial of service...

PT-2025-49749

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the s3c24xx serial getclk function within the Samsung TTY serial driver. This occurs when clk get rate fails, and the allocated clock is not freed, leading to a...

PT-2025-49815

An attacker can use an undocumented UART port on the PCB as a side-channel with the user hardcoded credentials obtained from CVE-2025-41692 to gain read access to parts of the filesystem of the device...

Phoenix Contact FL SWITCH 安全漏洞

The PHOENIX CONTACT FL SWITCH is an industrial grade Ethernet switch from PHOENIX CONTACT, Germany. A security vulnerability exists in Phoenix Contact FL SWITCH versions prior to 3.50, which originates from an undocumented UART port and could result in gaining root access...

PT-2025-49639

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the dln2 probe function within the kernel's MFD Multiple Function Device driver for DLN2 devices. Specifically, when dln2 setup rx urbs fails during the probe...

CVE-2025-65231

Barix Instreamer v04.06 and earlier is vulnerable to Cross Site Scripting XSS in the Web UI I/O & Serial configuration page, specifically the CTS close command user-input field which is stored and later rendered on the Status page...

CVE-2025-65231

Barix Instreamer v04.06 and earlier is vulnerable to Cross Site Scripting XSS in the Web UI I/O & Serial configuration page, specifically the CTS close command user-input field which is stored and later rendered on the Status page...

CVE-2025-48625

In multiple locations of UsbDataAdvancedProtectionHook.java, there is a possible way to access USB data when the screen is off due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48625

In multiple locations of UsbDataAdvancedProtectionHook.java, there is a possible way to access USB data when the screen is off due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

ALSA: usb-audio: Fix potential overflow of PCM transfer buffer

...