The vulnerability of the read_descriptors() function in the drivers/usb/core/sysfs.c file of the Linux kernel’s USB driver allows a attacker to cause a service failure.

The vulnerability of the readdescriptors function in the drivers/usb/core/sysfs.c file of the Linux kernel’s USB driver is related to reading a reserved buffer from outside the system. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2021-37386

Furukawa Electric LatAm 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 were discovered to contain an HTML injection vulnerability via the serial number update function...

Design/Logic Flaw

Furukawa Electric LatAm 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 were discovered to contain an HTML injection vulnerability via the serial number update function...

Tracking Down a Suspect through Cell Phone Records

Interesting forensics in connection with a serial killer arrest: Investigators went through phone records collected from both midtown Manhattan and the Massapequa Park area of Long Island--two areas connected to a "burner phone" they had tied to the killings. In court, prosecutors later said the...

CVE-2021-37386

Furukawa Electric LatAm 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 were discovered to contain an HTML injection vulnerability via the serial number update function...

PT-2023-12318 · Furukawa Electric · Furukawa Electric Latam Ld421-21W +1

Name of the Vulnerable Software and Affected Versions: Furukawa Electric LatAm 423-41W/AC versions prior to 1.1.4 Furukawa Electric LatAm LD421-21W versions prior to 1.3.3 Description: The issue is related to an HTML injection vulnerability via the serial number update function. This vulnerabilit...

CVE-2021-37386

Furukawa Electric LatAm 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 were discovered to contain an HTML injection vulnerability via the serial number update function...

Furukawa Electric 423-41W/AC 跨站脚本漏洞

The Furukawa Electric 423-41W/AC is a wireless router from Furukawa Electric Japan. A cross-site scripting vulnerability exists in the Furukawa Electric 423-41W/AC v1.1.4 prior and LD421-21W v1.3.3 prior, which stems from an HTML injection vulnerability via the serial number update feature...

An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.

...

USN-6222-1 linux-xilinx-zynqmp vulnerabilities

Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-3108...

CVE-2023-35303

USB Audio Class System Driver Remote Code Execution Vulnerability...

CVE-2023-35303

USB Audio Class System Driver Remote Code Execution Vulnerability...

AZL-27388 CVE-2023-37453 affecting package kernel for versions less than 5.15.135.1-2

An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in readdescriptors in drivers/usb/core/sysfs.c...

CVE-2023-27198

PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this vulnerability...

PT-2023-20999 · Pax · Pax A930 +1

Name of the Vulnerable Software and Affected Versions: PAX A930 device with PayDroid version 7.1.1 Virgo V04.5.02 20220722 Description: The issue allows the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must hav...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2262)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the web server of the microprogramming software for the processor module control units of Siemens SICAM CP-8031 and CP-8050 allows a hacker to elevate their privileges to the root level.

The vulnerability of the web server of the microprogramming software for the processor module controllers of Siemens SICAM CP-8031 and CP-8050 relates to the open UART console input interface. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...

EulerOS 2.0 SP11 : curl (EulerOS-SA-2023-2286)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality fail when multiple URLs...

CVE-2023-21154

In StoreAdbSerialNumber of protocolmiscbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2023-2991

Fortra Globalscape EFT's administration server suffers from an information disclosure vulnerability where the serial number of the harddrive that Globalscape is installed on can be remotely determined via a "trial extension request" message...