6185 matches found
DENX Software Engineering Das U-Boot 缓冲区错误漏洞
DENX Software Engineering Das U-Boot is a Universal Bootloader from DENX Software Engineering, Germany. A security vulnerability exists in DENX Software Engineering Das U-Boot that originates from an unchecked download size and direction in the USB DFU, which can be exploited by an attacker to...
GSD-2022-1006294 tty: serial: Fix refcount leak bug in ucc_uart.c
tty: serial: Fix refcount leak bug in uccuart.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.326 by commit...
GSD-2022-1006209 tty: serial: Fix refcount leak bug in ucc_uart.c
tty: serial: Fix refcount leak bug in uccuart.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.291 by commit...
GSD-2022-1006096 tty: serial: Fix refcount leak bug in ucc_uart.c
tty: serial: Fix refcount leak bug in uccuart.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.256 by commit...
GSD-2022-1005953 tty: serial: Fix refcount leak bug in ucc_uart.c
tty: serial: Fix refcount leak bug in uccuart.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.211 by commit...
GSD-2022-1005766 tty: serial: Fix refcount leak bug in ucc_uart.c
tty: serial: Fix refcount leak bug in uccuart.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.138 by commit...
GSD-2022-1005471 tty: serial: Fix refcount leak bug in ucc_uart.c
tty: serial: Fix refcount leak bug in uccuart.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.63 by commit...
PT-2022-34140 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 2.6.35 through 5.10.136 Description: The issue is related to a use-after-free in the ath9k hif usb rx cb function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
GSD-2022-1005202 tty: serial: qcom-geni-serial: Fix %lu -> %u in print statements
tty: serial: qcom-geni-serial: Fix %lu - %u in print statements This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...
GSD-2022-1005081 tty: serial: Fix refcount leak bug in ucc_uart.c
tty: serial: Fix refcount leak bug in uccuart.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.4 by commit...
OESA-2022-1918 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including one or several processors and various peripherals. It can be used to launch...
PT-2022-33266 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.7 Description: A potential security issue exists due to a use-after-free read in the usb udc uevent function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
PT-2022-33460 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.2 Description: The issue is related to a fix in the qcom-geni-serial component of the Linux Kernel, where a change from %lu to %u in print statements was made. The actual impact and potential for attack ha...
Siemens RUGGEDCOM ROS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
CVE-2022-35572
On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, and potentially other vendors/devices due to code reuse, the /SysInfo.htm URI does not require a session ID. This web page calls a showsysinfo function which retrieves WPA passwords, SSIDs, MAC Addresses, serial numbers, WPS...
CVE-2022-35572
On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, and potentially other vendors/devices due to code reuse, the /SysInfo.htm URI does not require a session ID. This web page calls a showsysinfo function which retrieves WPA passwords, SSIDs, MAC Addresses, serial numbers, WPS...
PT-2022-22907 · Linksys · Linksys E5350 Wifi Router
Name of the Vulnerable Software and Affected Versions: Linksys E5350 WiFi Router version 1.0.00.037 and lower Description: The issue concerns the /SysInfo.htm URI, which does not require a session ID. This web page calls the show sysinfo function, retrieving sensitive information such as WPA...
CVE-2022-36874
Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number...
CVE-2022-36874
Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number...
CVE-2022-36874
Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number...