CVE-2025-40093

The CVE-2025-40093 entry concerns the Linux kernel USB gadget ECM (f_ecm) bind path. The vulnerability arises after a bind/unbind cycle where ecm->notify_req remains stale, causing a NULL pointer dereference when the system tries to free a request via ep->ops->free_request during a subse...

[SECURITY] Fedora 42 Update: qt6-qtspeech-6.9.3-1.fc42

The module enables a Qt application to support accessibility features such as text-to-speech, which is useful for end-users who are visually challenged or cannot access the application for whatever reason. The most common use case where text-to-speech comes in handy is when the end-user is drivin...

[SECURITY] Fedora 42 Update: qt6-qtserialbus-6.9.3-1.fc42

Qt Serial Bus API provides classes and functions to access the various industrial serial buses and protocols, such as CAN, ModBus, and others...

[SECURITY] Fedora 42 Update: qt6-qtserialport-6.9.3-1.fc42

Qt Serial Port provides the basic functionality, which includes configuring, I/O operations, getting and setting the control signals of the RS-232 pinouts...

EUVD-2025-36663

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer deference in trytoregistercard In trytoregistercard, the return value of usbifnumtoif is passed directly to usbinterfaceclaimed without a NULL check, which will lead to a NULL pointer dereference...

CVE-2025-40085

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer deference in trytoregistercard In trytoregistercard, the return value of usbifnumtoif is passed directly to usbinterfaceclaimed without a NULL check, which will lead to a NULL pointer dereference...

kernel: net: usb: smsc75xx: Limit packet length to skb->len

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such case the cloned skb passed up the network stack will leak kerne...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unchecked usbifnumtoif return value that could lead to a null pointer dereference...

Siemens SIMATIC Devices Out-of-bounds Read (CVE-2023-37453)

An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in readdescriptors in drivers/usb/core/sysfs.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

Exploit for Use of Incorrectly-Resolved Name or Reference in Apache Tomcat

This is a Java class file that appears to be a payload for a malicious attack. The class is named "Foo" and has a single method, "", which is the constructor. The constructor takes no arguments and does not perform any actions. The class also has a "serialVersionUID" field, which is a unique...

CVE-2025-34500

Deck Mate 2's firmware update mechanism accepts packages without cryptographic signature verification, encrypts them with a single hard-coded AES key shared across devices, and uses a truncated HMAC for integrity validation. Attackers with access to the update interface - typically via the unit's...

Security update for mozilla-nss

This update for mozilla-nss fixes the following issues: Move NSS DB password hash away from SHA-1 Update to NSS 3.112.2: Prevent leaks during pkcs12 decoding. SECASN1Decode should ensure it has read as many bytes as each length field indicates Update to NSS 3.112.1: restore support for finding...

SUSE-SU-2025:3804-1 Security update for mozilla-nss

This update for mozilla-nss fixes the following issues: - Move NSS DB password hash away from SHA-1 Update to NSS 3.112.2: Prevent leaks during pkcs12 decoding. SECASN1Decode should ensure it has read as many bytes as each length field indicates Update to NSS 3.112.1: restore support for finding...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use After Free (CVE-2024-47718)

wifi: rtw88: vulnerability may lead to a use-after-free UAF error if firmware loading is not properly synchronized during USB initialization and disconnection. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 8090...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2024-50058)

"In the Linux kernel, the following vulnerability has been resolved: serial: protect uartportdtrrts in uartshutdown too Commit af224ca2df29 serial: core: Prevent unsafe uart port access, part 3 added few uport == NULL checks. It added one to uartshutdown, so the commit assumes, uport can be NULL ...

Siemens SIMATIC Devices Improper Locking (CVE-2024-26934)

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usbdeauthorizeinterface This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Siemens SIMATIC Devices Divide By Zero (CVE-2024-27059)

In the Linux kernel, the following vulnerability has been resolved: USB: usb-storage: Prevent divide-by-0 error in isd200atacommand The isd200 sub-driver in usb-storage uses the HEADS and SECTORS values in the ATA ID information to calculate cylinder and head values when creating a CDB for READ o...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-43893)

serial: core: vulnerability due to a missing check for uartclk being zero, leading to a potential divide-by-zero error when calling ioctl TIOCSSERIAL with an invalid baudbase. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

EUVD-2025-35895

Deck Mate 2's firmware update mechanism accepts packages without cryptographic signature verification, encrypts them with a single hard-coded AES key shared across devices, and uses a truncated HMAC for integrity validation. Attackers with access to the update interface - typically via the unit's...

CVE-2025-12114

Enabled serial console could potentially leak information that might help attacker to find vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...