PT-2025-39007

The LB-Link routers, including the BL-AC2100 AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000 AE4 v2.4.9, BL-AC1900 AZ2 v1.0.2, BL-X26 AC8 v1.2.8, and BL-LTE300 DA4 V1.2.3 models, are vulnerable to unauthorized command injection. Attackers can exploit this vulnerability by accessing the /goform/set serial...

CVE-2025-57685

The LB-Link routers, including the BL-AC2100AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000AE4 v2.4.9, BL-AC1900AZ2 v1.0.2, BL-X26AC8 v1.2.8, and BL-LTE300DA4 V1.2.3 models, are vulnerable to unauthorized command injection. Attackers can exploit this vulnerability by accessing the /goform/setserialcfg...

CVE-2025-54497

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSerialPort functionality to...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49980: USB: gadget: fix use-after-free read in usbudcuevent bsc1245110. CVE-2022-50116: tty: ngsm: fix deadlock and link starvation in outgoing data path...

Multiple Brother and its OEM products with weak initial administrator passwords

Overview Multiple products provided by BROTHER INDUSTRIES, LTD and other OEM vendors are setup with weak initial administrator passwords, which can be derived from their serial numbers. This is reported by Rapid7, and treated on JVNVU90043828, CVE-2024-51978. Brother states that 1 serial numbers...

SUSE CVE-2022-50382

In the Linux kernel, the following vulnerability has been resolved: padata: Always leave BHs disabled when running -parallel A deadlock can happen when an overloaded system runs -parallel in the context of the current task: padatadoparallel -parallel pcryptaeadenc/dec padatadoserial...

SUSE CVE-2023-53176

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Reinit port-pm on port specific driver unbind When we unbind a serial port hardware specific 8250 driver, the generic serial8250 driver takes over the port. After that we see an oops about 10 seconds later. This can...

SUSE CVE-2023-53413

In the Linux kernel, the following vulnerability has been resolved: USB: isp116x: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...

SUSE CVE-2023-53415

In the Linux kernel, the following vulnerability has been resolved: USB: dwc3: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead whi...

CVE-2025-54497

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSerialPort functionality to...

CVE-2025-54497 Cognex In-Sight Explorer and In-Sight Camera Firmware Incorrect Permission Assignment for Critical Resource

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSerialPort functionality to...

CVE-2025-54497 Cognex In-Sight Explorer and In-Sight Camera Firmware Incorrect Permission Assignment for Critical Resource

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSerialPort functionality to...

CVE-2025-54497

CVE-2025-54497 affects Cognex In-Sight Explorer and In-Sight Camera Firmware. A telnet-based service exposed on port 23 (requires authentication) can be misused by a user with protected privileges to invoke SetSerialPort and alter device properties (e.g., serial interface settings), violating the...

CVE-2023-53413

In the Linux kernel, the following vulnerability has been resolved: USB: isp116x: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...

CVE-2023-53404

In the Linux kernel, the following vulnerability has been resolved: USB: fotg210: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...

CVE-2023-53379

In the Linux kernel, the following vulnerability has been resolved: usb: phy: phy-tahvo: fix memory leak in tahvousbprobe Smatch reports: drivers/usb/phy/phy-tahvo.c: tahvousbprobe warn: missing unwind goto? After geting irq, if ret 0, it will return without error handling to free memory. Just ad...

CVE-2022-50382

In the Linux kernel, the following vulnerability has been resolved: padata: Always leave BHs disabled when running -parallel A deadlock can happen when an overloaded system runs -parallel in the context of the current task: padatadoparallel -parallel pcryptaeadenc/dec padatadoserial...

CVE-2023-53415

In the Linux kernel, the following vulnerability has been resolved: USB: dwc3: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead whi...

DEBIAN-CVE-2023-53417

In the Linux kernel, the following vulnerability has been resolved: USB: sl811: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...

DEBIAN-CVE-2022-50375

In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsllpuart: disable dma rx/tx use flags in lpuartdmashutdown lpuartdmashutdown tears down lpuart dma, but lpuartflushbuffer can still occur which in turn tries to access dma apis if lpuartdmatxuse flag is true. At thi...