Microsoft Windows USB Mass Storage Class Driver Security Vulnerability

Microsoft Windows is a suite of operating systems used by Microsoft Corporation USA for personal devices. A security vulnerability exists in the Microsoft Windows USB Mass Storage Class Driver. An attacker could exploit the vulnerability to remotely execute code. The following products and editio...

USN-6548-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-xilinx-zynqmp vulnerabilities

It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. CVE-2023-3006 It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors i...

CVE-2023-49999

Tenda W30E V16.01.0.124843 was discovered to contain a command injection vulnerability via the function setUmountUSBPartition...

CLSA-2023-1701801241 Fix of 8 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-45871 - igb: Limit maximum frame Rx based on MTU - igb: Only sync size of expected frame in ethtool testing - igb: Add support for ethtool private flag to allow use of legacy Rx - igb: Add support for using order 1 pages to receive large frames - igb:...

CVE-2023-47304

An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device...

CVE-2023-47304

An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device...

CVE-2023-48695 Azure RTOS USBX Remote Code Execution Vulnerability

Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to out of bounds write vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host and...

Azure RTOS USBX Security Vulnerability

Azure RTOS USBX is a USB host, device, and mobile OTG embedded stack for Azure RTOS open source. Fully integrated with Azure RTOS ThreadX, it is available for all processors that support Azure RTOS ThreadX. A security vulnerability exists in Azure RTOS USBX versions prior to 6.3.0 that stems from...

PT-2023-30404 · Vonage · Vonage Box Telephone Adapter Vdv23

Name of the Vulnerable Software and Affected Versions: Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1 Description: An issue was discovered that allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device. This issue...

PT-2023-30904 · Microsoft · Azure Rtos Usbx

Name of the Vulnerable Software and Affected Versions: Azure RTOS USBX versions 6.2.1 and below Description: Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to out of bounds write...

BD FACSChorus Security Breach

The BD FACSChorus is a multichannel flow cytometry system from BD Medical BD. A security vulnerability exists in the BD FACSChorus that stems from not restricting which devices can interact with its USB port...

PT-2023-22117 · Unknown · Facschorus

Name of the Vulnerable Software and Affected Versions: FACSChorus workstation operating system affected versions not specified Description: The issue concerns the lack of restriction on devices that can interact with the USB ports of the FACSChorus workstation operating system. This could allow a...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.325.5.el8 - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext Krister Johansen Orabug: 35905508 - char: misc: Increase the maximum number of dynamic misc devices to 1048448 D Scott Phillips Orabug: 35905508 - perf/arm-cmn: Fix invalid pointer when access...

Bread - BIOS Reverse Engineering And Advanced Debugging

BREAD BIOS Reverse Engineering & Advanced Debugging is an 'injectable' real-mode x86 debugger that can debug arbitrary real-mode code on real HW from another PC via serial cable. Introduction BREAD emerged from many failed attempts to reverse engineer legacy BIOS. Given that the vast majority -- ...

The vulnerability of the lan78xx_disconnect function (drivers/net/usb/lan78xx.c) in the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the lan78xxdisconnect function drivers/net/usb/lan78xx.c in the Linux kernel is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure when a LAN78XX USB device is disconnected...

CVE-2020-11447

An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remote authenticated users can retrieve the serial number via cgi/json-req - this is an information leak because the serial number is intended to prove an actor's physical access to the device...

Design/Logic Flaw

An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remote authenticated users can retrieve the serial number via cgi/json-req - this is an information leak because the serial number is intended to prove an actor's physical access to the device...

CVE-2020-11447

An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remote authenticated users can retrieve the serial number via cgi/json-req - this is an information leak because the serial number is intended to prove an actor's physical access to the device...

PT-2023-11451 · Bell · Bell Homehub 3000

Name of the Vulnerable Software and Affected Versions: Bell HomeHub 3000 version SG48222070 Description: An issue allows remote authenticated users to retrieve the serial number via the "cgi/json-req" endpoint. This is considered an information leak because the serial number is intended to prove ...

Bell Home Hub 3000 Security Vulnerability

Bell Home Hub 3000 is a virtual repair tool from Bell Canada. It is used to quickly detect and fix problems with Bell Fibe Internet, TV and home phone services. A security vulnerability exists in Bell Home Hub 3000 SG48222070, which originates from a remote user being able to retrieve a serial...