SUSE CVE-2022-49755

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Prevent race during ffsep0queuewait While performing fast composition switch, there is a possibility that the process of ffsep0write/ffsep0read get into a race condition due to ep0req being freed up from...

KDDI HGW BL1500HM 路径遍历漏洞

The KDDI HGW BL1500HM is a home router from KDDI Japan. A path traversal vulnerability exists in KDDI HGW BL1500HM 002.002.003 and earlier versions, which stems from path traversal in the USB storage file sharing feature and could result in the deletion of files or a denial of service...

KDDI HGW BL1500HM 跨站脚本漏洞

The KDDI HGW BL1500HM is a home router from KDDI Japan. A cross-site scripting vulnerability exists in KDDI HGW BL1500HM 002.002.003 and earlier versions, which originates from cross-site scripting in the USB storage file sharing feature and could lead to the execution of arbitrary scripts...

DEBIAN-CVE-2022-49755

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Prevent race during ffsep0queuewait While performing fast composition switch, there is a possibility that the process of ffsep0write/ffsep0read get into a race condition due to ep0req being freed up from...

UBUNTU-CVE-2022-49741

In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: fix error handling code in ufxusbprobe The current error handling code in ufxusbprobe have many unmatching issues, e.g., missing ufxfreeusblist, destroymodedb label should only include framebufferrelease,...

UBUNTU-CVE-2022-49756

In the Linux kernel, the following vulnerability has been resolved: phy: usb: sunplus: Fix potential null-ptr-deref in spusbphyprobe spusbphyprobe will call platformgetresourcebyname that may fail and return NULL. devmioremap will use usbphy-moon4resmem-start as input, which may causes...

CVE-2023-52938 usb: typec: ucsi: Don't attempt to resume the ports before they exist

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Don't attempt to resume the ports before they exist This will fix null pointer dereference that was caused by the driver attempting to resume ports that were not yet registered...

CVE-2025-30854

Cross-Site Request Forgery CSRF vulnerability in Vollstart Serial Codes Generator and Validator with WooCommerce Support serial-codes-generator-and-validator allows Cross Site Request Forgery.This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through = 2.7....

WordPress Serial Codes Generator and Validator with WooCommerce Support plugin <= 2.7.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Serial Codes Generator and Validator with WooCommerce Support versions = 2.7.7...

CVE-2025-30854

CVE-2025-30854 is a CSRF vulnerability in the WordPress plugin Serial Codes Generator and Validator with WooCommerce Support . The issue affects versions up to and including 2.7.7, as cited in the vulnerability entry. The associated Wordfence vulnerability listing shows a CVSSv3.1 base score of 4...

The vulnerability of the Linux operating system’s serial kernel component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s serial kernel component is related to improper validation of input data in the function uartshutdown. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the imx_uart_console_write() function in the Linux kernel’s serial component allows a hacker to trigger a service failure.

The vulnerability of the imxuartconsolewrite function in the Linux kernel’s serial component is related to improper locking mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the padata component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the padatadoserial function in the padata component of the Linux operating system is related to improper locking mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...

WordPress plugin Saso Serial Codes Generator and Validator with WooCommerce Support 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CLSA-2025-1742926277 openssh: Fix of CVE-2025-26465

CVE-2025-26465: fix vulnerability in OpenSSH when the VerifyHostKeyDNS option is enabled - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without truncation openssh bz3012 Orabug: 30448895...

Linux 4.2 Out-Of-Bounds Write

The USB CDC-ACM driver in Linux versions starting at 4.12 suffers from a missing size check in acmctrlirq that leads to an out-of-bounds write...

CLSA-2025-1742731930 openssh: Fix of CVE-2025-26465

CVE-2025-26465: fix vulnerability in OpenSSH when the VerifyHostKeyDNS option is enabled - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without truncation openssh bz3012 Orabug: 30448895...

The vulnerability of the usbtv_video_free() function in the drivers/media/usb/usbtv/usbtv-video.c driver of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the usbtvvideofree function in the drivers/media/usb/usbtv/usbtv-video.c file of the Linux kernel driver module is related to the occurrence of mutual locking. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the max3100_probe() function in the drivers/tty/serial/max3100.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the max3100probe function in the drivers/tty/serial/max3100.c module of the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

CLSA-2025-1742472545 kernel: Fix of 9 CVEs

USB: serial: ioedgeport: fix use after free in debug printk CVE-2024-50267 - HID: core: zero-initialize the report buffer CVE-2024-50302 - dm cache: fix potential out-of-bounds access on the first resume CVE-2024-50278 - dm cache: fix out-of-bounds access to the dirty bitset when resizing...