The vulnerability of the USB redirection channel (urbdrc) in the FreeRDP remote desktop protocol allows a hacker to access connected data and send it back to the server.

The vulnerability of the USB redirection channel urbdrc in the FreeRDP remote desktop protocol is related to the issue of data operations going out of the buffer when integers that do not fall within the data type’s range are incorrectly added. Exploiting this vulnerability allows a malicious act...

The vulnerability of the USB redirection channel (urbdrc) in the FreeRDP remote desktop protocol allows a intruder to gain unauthorized access to protected information or cause a service failure.

The vulnerability of the USB redirection channel urbdrc in the FreeRDP remote desktop protocol is related to the issue where operations are performed outside the buffer during data input length checking. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...

The vulnerability of the USB redirection channel (urbdrc) in the FreeRDP remote desktop protocol allows a intruder to trigger a maintenance failure.

The vulnerability of the USB redirection channel urbdrc in the FreeRDP remote desktop protocol is related to insufficient validation of input data during division by zero. Exploiting this vulnerability can allow a malicious actor to cause service failures...

CVE-2022-35897

An stack buffer overflow vulnerability leads to arbitrary code execution issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. If the attacker modifies specific UEFI variables, it can cause a stack overflow, leading to arbitrary code execution. The specific variables are normally...

OESA-2022-2103 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: VUL-0: CVE-2022-3628: kernel: USB-accessible buffer overflow in Linux kernel driver brcmfmacCVE-2022-3628...

CVE-2022-45163

An information-disclosure vulnerability exists on select NXP devices when configured in Serial Download Protocol SDP mode: i.MX RT 1010, i.MX RT 1015, i.MX RT 1020, i.MX RT 1050, i.MX RT 1060, i.MX 6 Family, i.MX 7Dual/Solo, i.MX 7ULP, i.MX 8M Quad, i.MX 8M Mini, and Vybrid. In a device...

NXP Semiconductors i.MX SoC 安全漏洞

The NXP Semiconductors i.MX SoC is a multi-core solution for multimedia and display applications from NXP Semiconductors of the Netherlands, featuring scalable, secure and reliable high performance and low power consumption. A security vulnerability exists in the NXP Semiconductors i.MX SoC that,...

PT-2022-27417 · Nxp · Nxp Vybrid +10

Name of the Vulnerable Software and Affected Versions: NXP i.MX RT 1010 NXP i.MX RT 1015 NXP i.MX RT 1020 NXP i.MX RT 1050 NXP i.MX RT 1060 NXP i.MX 6 Family NXP i.MX 7Dual/Solo NXP i.MX 7ULP NXP i.MX 8M Quad NXP i.MX 8M Mini NXP Vybrid Description: An information-disclosure issue exists on selec...

Mediatrix 4102 安全漏洞

The Mediatrix 4102 is a VoIP adapter from Mediatrix. A security vulnerability exists in versions prior to Mediatrix 4102 v48.5.2718, which stems from a vulnerability that allows a local attacker to gain root access via the UART port...

DEBIAN-CVE-2022-39318

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input validation in urbdrc channel. A malicious server can trick a FreeRDP based client to crash with division by zero. This issue has been addressed in version 2.9.0. All users are advised to...

kernel: usb: usbip: fix a refcount leak in stub_probe()

In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stubprobe usbgetdev is called in stubdevicealloc. When stubprobe fails after that, usbputdev needs to be called to release the reference. Fix this by moving usbputdev to sdevfree error path...

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a C source from Insyde Corporation of Taiwan, which implements the new technology "EFI/UEFI" specification designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O 5.0 to 5.5, which originates in UsbCoreDxe, where...

The vulnerability of the microprogrammed software of the Moxa NE-4100T serial interface converter lies in the lack of authentication procedures, which allows attackers to circumvent existing security restrictions.

The vulnerability of the Microprogrammed Software for Serial Interface Converters Moxa NE-4100T is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to gain increased privileges remotely...

Unbreakable Enterprise kernel security update

4.14.35-2047.519.2.1 - xfs: trim IO to found COW extent limit Eric Sandeen Orabug: 34765284 - xfs: don't use delalloc extents for COW on files with extsize hints Christoph Hellwig Orabug: 34765284 4.14.35-2047.519.2 - Revert 'xfs: don't use delalloc extents for COW on files with extsize hints'...

Unbreakable Enterprise kernel-container security update

4.14.35-2047.519.2.1.el7 - xfs: trim IO to found COW extent limit Eric Sandeen Orabug: 34765284 - xfs: don't use delalloc extents for COW on files with extsize hints Christoph Hellwig Orabug: 34765284 4.14.35-2047.519.2 - Revert 'xfs: don't use delalloc extents for COW on files with extsize hints...

DEBIAN-CVE-2022-3903

An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system...

UBUNTU-CVE-2022-3903

An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system...

GSD-2022-1007651 drivers: serial: jsm: fix some leaks in probe

drivers: serial: jsm: fix some leaks in probe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.331 by commit...

GSD-2022-1007587 drivers: serial: jsm: fix some leaks in probe

drivers: serial: jsm: fix some leaks in probe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.296 by commit...

GSD-2022-1007511 drivers: serial: jsm: fix some leaks in probe

drivers: serial: jsm: fix some leaks in probe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...