6203 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-39760
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially od...
usb: core: config: Prevent OOB read in SS endpoint companion parsing
...
CVE-2025-36756
A problem with missing authorization on SolaX Cloud platform allows taking over any SolaX solarpanel inverter of which the serial number is known...
AZL-67154 CVE-2025-39760 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...
UBUNTU-CVE-2025-39760
In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...
CVE-2025-39760 usb: core: config: Prevent OOB read in SS endpoint companion parsing
In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...
CVE-2025-39760 usb: core: config: Prevent OOB read in SS endpoint companion parsing
In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...
USN-7744-1 qemu vulnerabilities
It was discovered that QEMU incorrectly handled certain virtio devices. A privileged guest attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2024-3446 It was...
CVE-2025-36756
A problem with missing authorization on SolaX Cloud platform allows taking over any SolaX solarpanel inverter of which the serial number is known...
CVE-2025-36756 Device Takeover vulnerability in SolaX Cloud
A problem with missing authorization on SolaX Cloud platform allows taking over any SolaX solarpanel inverter of which the serial number is known...
CVE-2025-36756 Device Takeover vulnerability in SolaX Cloud
A problem with missing authorization on SolaX Cloud platform allows taking over any SolaX solarpanel inverter of which the serial number is known...
CVE-2025-36756
The CVE-2025-36756 entry describes a missing-authorization vulnerability in the SolaX Cloud platform that could allow takeover of a known-serial-number SolaX solar inverter. Affected component is the SolaX Cloud platform beneath the inverter management flow; root cause is insufficient access cont...
PT-2025-37028
Name of the Vulnerable Software and Affected Versions: SolaX Cloud platform affected versions not specified Description: A missing authorization issue exists on the SolaX Cloud platform. This allows unauthorized access and potential takeover of SolaX solar panel inverters when the serial number i...
CVE-2025-33045 Legacy Serial Redirection SMRAM Vulnerabilities
APTIOV contains vulnerabilities in the BIOS where a privileged user may cause “Write-what-where Condition” and “Exposure of Sensitive Information to an Unauthorized Actor” through local access. The successful exploitation of these vulnerabilities can lead to information disclosure, arbitrary data...
CVE-2025-33045 Legacy Serial Redirection SMRAM Vulnerabilities
APTIOV contains vulnerabilities in the BIOS where a privileged user may cause “Write-what-where Condition” and “Exposure of Sensitive Information to an Unauthorized Actor” through local access. The successful exploitation of these vulnerabilities can lead to information disclosure, arbitrary data...
CVE-2025-33045
AMI AptioV BIOS contains BIOS-level vulnerabilities enabling a privileged local attacker to perform a write-what-where operation and expose sensitive information, potentially leading to information disclosure and arbitrary data writes with impact to confidentiality, integrity, and availability. S...
SUSE CVE-2025-39724
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: fix panic due to PSLVERR When the PSLVERRRESPEN parameter is set to 1, the device generates an error response if an attempt is made to read an empty RBR Receive Buffer Register while the FIFO is enabled. In...
CVE-2024-36354
Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to bypass SMM isolation potentially resulting in arbitrary code execution at...
net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization
...
serial: 8250: fix panic due to PSLVERR
...