CVE-2025-25735

The CVE-2025-25735 affects Kapsch RIS-9160 and RIS-9260 Roadside Units (RSUs) versions 3.2.0.829.23, 3.8.0.1119.42, and 4.6.0.1211.28, due to missing SPI Protected Range Registers (PRRs). This allows an attacker with software running on the system to modify SPI flash in real-time, with a MEDIUM b...

Kapsch TrafficCom RIS-9260和Kapsch TrafficCom RIS-9160 安全漏洞

The Kapsch TrafficCom RIS-9260 and Kapsch TrafficCom RIS-9160 are both a road test unit from Kapsch TrafficCom, Austria, with Telematics communication and co-management functions in intelligent transportation. A security vulnerability exists in the Kapsch TrafficCom RIS-9260 and Kapsch TrafficCom...

CVE-2025-25735

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack SPI Protected Range Registers PRRs, allowing attackers with software running on the system to modify SPI flash in real-time...

CVE-2025-25733

Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows physically proximate attackers to arbitrarily modify SPI flash regions, leading to a degradation of the security posture of the devi...

CVE-2025-25733

Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows physically proximate attackers to arbitrarily modify SPI flash regions, leading to a degradation of the security posture of the devi...

CVE-2025-25733

CVE-2025-25733 concerns an improper access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 and RIS-9260 Roadside Units (RSUs). Affected versions are 3.2.0.829.23, 3.8.0.1119.42, and 4.6.0.1211.28. The root cause is improper SPI Flash Chip access control, enabling physically proximate ...

CVE-2025-5191

An Unquoted Search Path vulnerability has been identified in the utility for Moxa’s industrial computers Windows. Due to the unquoted path configuration in the SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority...

CVE-2025-5191 Unquoted Search Path Vulnerability in the Utility for Industrial Computers (Windows)

An Unquoted Search Path vulnerability has been identified in the utility for Moxa’s industrial computers Windows. Due to the unquoted path configuration in the SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority...

Moxa Utility for DRP-A100 Series 安全漏洞

Moxa Utility for DRP-A100 Series is a software tool from Moxa Corporation, Taiwan, China, that simplifies the configuration and management of the device. A security vulnerability exists in Moxa Utility for DRP-A100 Series, which stems from an un-referenced path configuration in...

PT-2025-34600 · Moxa · Moxa Industrial Computers

Name of the Vulnerable Software and Affected Versions: Moxa industrial computers Windows affected versions not specified Description: An unquoted search path vulnerability exists in the SerialInterfaceService.exe utility. This allows a local attacker with limited privileges to place a malicious...

Ubuntu 22.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-7712-1)

"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7712-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

AZL-66647 CVE-2025-38634 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: power: supply: cpcap-charger: Fix null check for powersupplygetbyname In the cpcapusbdetect function, the powersupplygetbyname function may return NULL instead of an error pointer. To prevent potential null pointer dereferences,...

CVE-2025-38648

In the Linux kernel, the following vulnerability has been resolved: spi: stm32: Check for cfg availability in stm32spiprobe The stm32spiprobe function now includes a check to ensure that the pointer returned by ofdevicegetmatchdata is not NULL before accessing its members. This resolves a warning...

CVE-2025-38619 media: ti: j721e-csi2rx: fix list_del corruption

In the Linux kernel, the following vulnerability has been resolved: media: ti: j721e-csi2rx: fix listdel corruption If ticsi2rxstartdma fails in ticsi2rxdmacallback, the buffer is marked done with VB2BUFSTATEERROR but is not removed from the DMA queue. This causes the same buffer to be retried in...

USN-7711-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

USN-7703-3: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...

USN-7701-3: Linux kernel (IoT) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - SMB network file system; - Bluetooth...

CVE-2025-4371

A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection...

USN-7703-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...